Syneto Knowledge

Open a ticket

CVE-2025-22247 (VMware Tools Insecure File Handling Vulnerability)

Administrator

Written By Christian Castagna (Administrator)

Updated at May 21st, 2025

Table of Contents

Vulnerability description Solution

This article provides information on how to mitigate the CVE-2025-22247 vulnerability.

→ Applies to: VMware Tools (from 11.0.0 to 12.5.1 included)

 

Vulnerability description

A non-privileged user within a guest virtual machine can exploit unsafe file handling in VMware Tools to perform unauthorized file operations, potentially compromising the integrity and security of the guest system.

SOURCES
NIST (https://nvd.nist.gov/vuln/detail/CVE-2025-22247)
VMware (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683)

 

Solution

Update VMware Tools with a not affected version (12.5.2 and above).

Related Articles

CVE-2024-6387 (regreSSHion attack)

This article provides information on how to mitigate the CVE-2024-6387 vulnerabil...

CVE-2023-48795 (Terrapin attack on SSH)

This article provides information on how to mitigate the CVE-2023-48795 vulnerabi...

CVE-2023-34058 (VMware Tools Token Signature Bypass Vulnerability)

This article provides information on how to mitigate the CVE-2023-34058 vulnerabi...

CVE-2023-34057 (VMware Tools Privilege Escalation Vulnerability)

This article provides information on how to mitigate the CVE-2023-34057 vulnerabi...