Broadcom Releases Patch for Bug in VMware Tools for Windows, Allowing Attackers to Bypass Authentication
Broadcom releases an urgent patch for critical vulnerabilities in VMware Tools for Windows. This is a suite of drivers and tools for virtualized Windows systems designed to improve their integration with the guest OS. The bug in question allows an attacker with low privileges in a Windows VM to perform certain actions with high privileges.
Blacklist
The bug was discovered by Sergey Bliznyuk of Positive Technologies. He is a Russian security researcher working for a cybersecurity company that is on an American blacklist. The company allegedly sells malware and spyware.
read also
12,600 VMware ESXi Servers in Europe Vulnerable to Actively Exploited Bug
The bug is labeled CVE-2025-22230, with a score of 7.8. It does not appear that attackers are actively exploiting the vulnerability at this time. Nevertheless, as always, it is wise to roll out the patch with high urgency.
Earlier this month, it became apparent that a lax patching policy in the Benelux alone left 1,000 servers vulnerable to another VMware bug. That vulnerability in VMware ESXi was previously patched by VMware and is being actively exploited.