VMware Tools allows privilege escalation in VMs
A vulnerability in VMware Tools lets attackers elevate their privileges inside a virtual machine. An update fixes it.
Security gaps in VMware products put users at risk.
(Image: created with AI in Bing Designer by heise online / dmk)
A vulnerability in VMware Tools allows attackers who already have low-privileged access to a VM to escalate their rights. Broadcom has released updated software to patch it.
In its security advisory, Broadcom describes an authentication bypass caused by improper access control (CVE-2025-22230, CVSS 7.8, risk "high"). A malicious actor with non-administrative privileges in a Windows guest can thereby perform certain operations that normally require higher privileges within that VM. The advisory does not say what such attacks look like or how they can be detected.
Update to plug the security hole
VMware Tools 11.x.y and 12.x.y on Windows are affected; VMware Tools for Linux and macOS are not. VMware Tools 12.5.1 for Windows closes the vulnerability.
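A quick way for Windows guest administrators to check whether they are running an affected build is to read the installed VMware Tools version and compare it against 12.5.1. The following PowerShell snippet is an added example written for this article, not code from heise or from Broadcom. It assumes that VMwareToolboxCmd.exe is in the default install directory and prints its version as the first token of its "-v" output; if that fails, it falls back to the DisplayVersion of the "VMware Tools" entry under the Windows Uninstall registry keys. Both of those details are assumptions, not taken from the advisory.

```powershell
# Added example, not part of the original article or of Broadcom's advisory.
# Flags VMware Tools 11.x / 12.x builds on a Windows guest that are older than
# the fixed 12.5.1 release (CVE-2025-22230).

$FixedVersion = [version]'12.5.1'

function Get-VMwareToolsVersion {
    # Assumption: default install path and "-v" output such as
    # "12.4.0.23259341 (build-23259341)"; only the first three components are used.
    $cmd = Join-Path $env:ProgramFiles 'VMware\VMware Tools\VMwareToolboxCmd.exe'
    if (Test-Path $cmd) {
        $raw = & $cmd -v 2>$null
        if ("$raw" -match '^\s*(\d+\.\d+\.\d+)') { return [version]$Matches[1] }
    }

    # Fallback (assumption): installer metadata under the Uninstall keys,
    # checking both the 64-bit and the 32-bit registry view.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    $entry = Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
             Where-Object { $_.DisplayName -eq 'VMware Tools' } |
             Select-Object -First 1
    if ($entry -and "$($entry.DisplayVersion)" -match '^(\d+\.\d+\.\d+)') {
        return [version]$Matches[1]
    }
    return $null
}

function Test-CVE202522230 {
    param($Installed)
    if (-not $Installed) {
        return 'VMware Tools not found (not a VMware guest, or non-standard install)'
    }
    # Broadcom lists 11.x.y and 12.x.y on Windows as affected; 12.5.1 is the fix.
    if (($Installed.Major -in @(11, 12)) -and ($Installed -lt $FixedVersion)) {
        return "VULNERABLE: VMware Tools $Installed is below $FixedVersion, update to 12.5.1"
    }
    return "OK: VMware Tools $Installed is not in the affected range"
}

$installed = Get-VMwareToolsVersion
Write-Output (Test-CVE202522230 -Installed $installed)
```

Run it in an elevated or normal PowerShell session inside the guest; it only reads the version and makes no changes. Because the check is based on the version string alone, it cannot tell whether the flaw has been exploited, only whether the guest still runs an affected build.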
The updated version can be downloaded from the Broadcom download page after logging in. According to the release notes, the update also fixes a vulnerability in the bundled Microsoft Visual C++ 2015-2022 Redistributable. That flaw, CVE-2024-43590, likewise allows privilege escalation according to Microsoft, which rates it at CVSS 7.8 ("high").
At the beginning of the month, vulnerabilities in VMware ESXi became known that were already being exploited in the wild. In the first week of March, tens of thousands of servers were still vulnerable and reachable from the Internet; their admins had apparently not yet installed the update for the flaw, which was rated "critical". In Germany, 2,800 servers were still vulnerable at that time, and more than 41,000 worldwide.
(dmk)