
If you use VMware Tools for Windows, it is critical to update to the latest version. Broadcom, which acquired VMware for $69 billion in 2023, has issued a patch for a high-severity vulnerability that is actively being exploited by cybercriminals.
The vulnerability affects VMware Tools for Windows versions 11.xx and 12.xx, but has been patched in version 12.5.1. Broadcom confirmed that no workarounds are available, so affected users should update immediately.
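A fleet-triage sketch for the version guidance above, added here as an example and not taken from Broadcom or from this article's author. The CSV column names, VM names and build numbers are constructed, and it assumes any 11.x or 12.x release below 12.5.1 on a Windows guest needs the update.

```python
import csv, io, re

FIXED = (12, 5, 1)          # patched release named in the article
AFFECTED_MAJORS = {11, 12}  # article lists the 11.xx and 12.xx lines as affected

# Constructed inventory export (hypothetical columns, hosts and build numbers).
SAMPLE_INVENTORY = """vm_name,guest_os,tools_version
app-01,Windows Server 2022,12.4.5.23787635
db-02,Windows Server 2019,12.5.1
web-03,Ubuntu 22.04,12.3.0
legacy-04,Windows Server 2016,11.3.5 build-18557794
old-05,Windows 10,10.3.10
kiosk-06,Windows 11,
"""

def parse_version(text):
    """Return (major, minor, patch) from strings like '12.4.5.23787635', or None."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text or "")
    if not m:
        return None
    return tuple(int(g or 0) for g in m.groups())

def classify(guest_os, tools_version):
    if "windows" not in guest_os.lower():
        return "not-applicable"    # the flaw is in VMware Tools for Windows
    v = parse_version(tools_version)
    if v is None:
        return "unknown"           # no Tools version reported: check by hand
    if v[0] in AFFECTED_MAJORS and v < FIXED:
        return "update-required"
    if v >= FIXED:
        return "patched"
    return "out-of-scope"          # older than the ranges the article lists

def triage(csv_text):
    """Map each VM name in the inventory to its triage status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["vm_name"]: classify(r["guest_os"], r["tools_version"]) for r in rows}

if __name__ == "__main__":
    for vm, status in triage(SAMPLE_INVENTORY).items():
        print(f"{vm:10} {status}")
```

Guests reported as `unknown` or `out-of-scope` still deserve a manual look, since the article only speaks to the 11.xx and 12.xx lines.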
What are the details of this authentication bypass vulnerability?
VMware Tools for Windows is a suite of utilities that enhances the performance and functionality of Windows-based virtual machines running on VMware platforms. It supports functions like display resolution, seamless mouse and keyboard integration, and better time synchronization between host and guest systems.
CVE-2025-22230 is classified as an “authentication bypass vulnerability,” according to Broadcom’s security advisory. While technical details remain limited, Broadcom suggests that the flaw results from improper access control mechanisms in some versions of VMware Tools for Windows.
“A malicious actor with non-administrative privileges on a Windows guest (virtual machine) may gain (the) ability to perform certain high-privilege operations within that VM,” the company said.
The vulnerability has a CVSS score of 7.8 out of 10, indicating a high-severity issue. It does not require user interaction for exploitation.
The vulnerability was reported by Sergey Bliznyuk of Positive Technologies, a Russian cybersecurity firm sanctioned by the US Treasury in 2021 for allegedly providing security tools and events for Russian intelligence services.
VMware vulnerabilities are oft-targeted
Earlier this month, Broadcom patched three actively exploited zero-day vulnerabilities in VMware ESXi, Workstation, and Fusion. These required attackers to have administrator or root access to a virtual machine, but if they did, they could escape its sandbox and breach the underlying hypervisor, potentially exposing all connected virtual machines and sensitive data. At the time, nearly 41,500 VMware ESXi instances were identified as vulnerable due to CVE-2025-22224.
Last year, VMware ESXi servers were hit by a double-extortion ransomware variant, with the threat actors impersonating a real organization. Hackers like to target VMware as it is widely used in enterprises. Furthermore, compromising the hypervisor can allow attackers to disable multiple virtual machines simultaneously and remove recovery options such as snapshots or backups, ensuring impact on a business’s operations.