VMware ESXi Flaw Now Exploited in Ransomware Attacks
Summary:
CISA has updated its Known Exploited Vulnerabilities (KEV) catalog to reflect that ransomware groups are now actively chaining three VMware vulnerabilities originally patched in early 2025. This chain includes CVE-2025-22224 (a TOCTOU race condition in the VMX process), CVE-2025-22225 (an arbitrary kernel write vulnerability), and CVE-2025-22226 (an information disclosure flaw in the Host-Guest File System).
While these were previously used by sophisticated state-sponsored groups, they have now trickled down to ransomware operators who use them to perform a "sandbox escape," jumping from a compromised guest virtual machine to the underlying ESXi hypervisor.
Security Officer Comments:
A VM escape is a high-value exploitation avenue for ransomware operators. Once an attacker escapes the guest VM and gains control of the ESXi hypervisor, they achieve "backend" access to the entire environment. This allows them to bypass all guest-level security software (such as EDR or antivirus) and directly access the datastores where all virtual disks (.vmdk files) are kept.
Ransomware groups use this to encrypt the entire host's storage at once, bringing down every virtualized server on that hardware simultaneously. Because the encryption happens at the hypervisor layer, the individual guest operating systems often have no record of the attack until they simply cease to function.
For MSPs, this represents a "tenant breakout" nightmare. Many MSPs use shared ESXi clusters to host multiple different clients; a successful VM escape means that a breach at one small client could potentially lead to the compromise of every other client sharing that same physical host.
Additionally, attackers can use this access to move laterally into the management network or reach into attached storage (SAN/NAS) that might hold backups or sensitive data for the entire MSP practice. Because this attack bypasses standard endpoint security, an MSP’s traditional monitoring tools may stay "green" while the entire infrastructure is being encrypted from underneath.
Suggested Corrections:
The primary mitigation is to immediately apply the security patches released by Broadcom for ESXi 8.0 and 7.0 (specifically ESXi 8.0 Update 3d or ESXi 7.0 Update 3q and later).
If patching cannot be performed immediately, MSPs should implement "Lockdown Mode" on ESXi hosts to restrict management access and ensure that high-risk VMs (like those with public-facing web servers) are physically isolated on separate hosts from critical internal infrastructure like Domain Controllers. Additionally, disabling unused hardware devices in VM settings (such as CD-ROM drives or USB controllers) can reduce the attack surface used for sandbox escapes. Monitoring for unusual VMX process behavior and restricting the ESXi management network to trusted IP addresses via a hardware firewall are also essential defensive layers.
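As an added example (not from the advisory or from Broadcom), a small Python triage script that applies the corrections above to a constructed host inventory: it parses ESXi version strings against the minimum levels named here (8.0 Update 3d, 7.0 Update 3q), and flags unpatched hosts without Lockdown Mode, public-facing VMs sharing a host with a Domain Controller, and guests with unused CD-ROM/USB devices. The host and VM names, the role labels and the inventory layout are assumptions.

```python
import re

# Minimum fixed update levels named in the advisory, keyed by release train.
REQUIRED = {(8, 0): (3, "d"), (7, 0): (3, "q")}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\s+Update\s+(\d+)([a-z]?)$")
REMOVABLE = {"cdrom", "usb"}  # guest devices the advisory says to disable if unused

def parse_version(text):
    """'8.0 Update 3d' -> ((8, 0), (3, 'd')). Raises ValueError when malformed."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised ESXi version string: {text!r}")
    major, minor, update, letter = m.groups()
    return (int(major), int(minor)), (int(update), letter)

def is_patched(version_text):
    """True when the train is listed and its update level meets the minimum.
    Tuple comparison orders Update 3 < 3d < 3q < 4, matching VMware's naming;
    an unlisted train (e.g. 6.7) is treated as unpatched until verified."""
    train, level = parse_version(version_text)
    return train in REQUIRED and level >= REQUIRED[train]

def triage_host(host):
    """Return (severity, message) findings for one constructed host record:
    {"name", "version", "lockdown_mode", "vms": [{"name", "role", "unused_devices"}]}
    where role is "public_web", "domain_controller" or "other" (assumed labels)."""
    findings = []
    if not is_patched(host["version"]):
        findings.append(("critical", f"{host['name']}: running {host['version']}, apply the Broadcom patch"))
        if not host["lockdown_mode"]:
            findings.append(("high", f"{host['name']}: unpatched and Lockdown Mode is off"))
    roles = {vm["role"] for vm in host["vms"]}
    if "public_web" in roles and "domain_controller" in roles:
        findings.append(("high", f"{host['name']}: public-facing VM shares the host with a Domain Controller"))
    for vm in host["vms"]:
        extra = sorted(set(vm["unused_devices"]) & REMOVABLE)
        if extra:
            findings.append(("medium", f"{host['name']}/{vm['name']}: remove unused devices {extra}"))
    return findings

# Constructed inventory for illustration; these are not real hosts.
INVENTORY = [
    {"name": "esx01", "version": "8.0 Update 3c", "lockdown_mode": False,
     "vms": [{"name": "web1", "role": "public_web", "unused_devices": ["cdrom"]},
             {"name": "dc1", "role": "domain_controller", "unused_devices": []}]},
    {"name": "esx02", "version": "7.0 Update 3q", "lockdown_mode": True,
     "vms": [{"name": "app1", "role": "other", "unused_devices": ["usb", "cdrom"]}]},
]

if __name__ == "__main__":
    for host in INVENTORY:
        for sev, msg in triage_host(host):
            print(f"[{sev}] {msg}")
```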
Link(s):
https://support.broadcom.com/web/ec...-/external/content/SecurityAdvisories/0/25390