VMware tools Security Flaw Exposes Windows Systems

A critical security vulnerability has been identified within VMware Tools for windows, possibly allowing attackers with limited privileges to escalate their access within a virtual machine. broadcom has addressed this weakness with a new software update, urging users to apply teh patch instantly.

Authentication Bypass Details (CVE-2025-22230)

According to BroadcomS security advisory, the vulnerability, tracked as CVE-2025-22230, stems from inadequate access controls. This flaw carries a CVSS score of 7.8, classifying it as “high” severity. Exploitation of this vulnerability could enable malicious actors with non-administrative rights on a windows guest system to perform actions requiring elevated privileges. However, the specific attack vectors and methods of detection remain undisclosed by Broadcom.

The authentication is possible due to insufficient access controls (CVE-2025-22230, CVSS 7.8).

Affected Versions and Remediation

The vulnerability impacts VMware Tools versions 11.xy and 12.xy running on Windows operating systems. VMware Tools on linux and MacOS platforms are not affected. Users are advised to upgrade to VMware Tools version 12.5.1 for Windows, which contains the necessary fix.

The updated version can be downloaded from the Broadcom support portal after logging in. Along with addressing the primary authentication bypass, the update also resolves a separate security issue within the bundled MS Visual C++ 2015-2022 Redistributable package.

MS Visual C++ Redistributable Vulnerability (CVE-2024-43590)

The included MS Visual C++ Redistributable package also contained a vulnerability, identified as CVE-2024-43590, which could lead to privilege escalation. Microsoft has also rated this vulnerability as “high” severity, assigning it a CVSS score of 7.8. This highlights the importance of keeping all software components, including runtime libraries, up to date.

According to Microsoft, the weak point with the CVE entry CVE-2024-43590 also enables the rights to be expanded. The Redmond developers have a risk assessment as “hoch“, with a CVSS value of 7.8indicated.

Broader VMware Security landscape

This patch arrives amidst ongoing concerns about VMware security. Earlier this month, widespread exploitation of vulnerabilities in VMware ESXi servers was reported. In early March, reports indicated that tens of thousands of servers remained vulnerable and exposed on the internet due to delayed patching. specifically, approximately 2,800 servers in Germany and over 41,000 globally were still susceptible to attack.

These incidents underscore the critical need for prompt patching and robust security practices within VMware environments. Organizations should prioritize vulnerability management and ensure timely application of security updates to mitigate potential risks.