{"cve":{"cve_id":"CVE-2025-22225","is_kev":true,"kev_date_added":"2025-03-04","kev_vendor_project":"VMware","kev_product":"ESXi","kev_vulnerability_name":"VMware ESXi Arbitrary Write Vulnerability","kev_short_description":"VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.","kev_required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","kev_due_date":"2025-03-25","kev_known_ransomware":true,"kev_notes":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22225","kev_cwes":["CWE-123"],"epss_score":0.00963,"epss_percentile":0.57015,"epss_as_of":"2026-06-23","description":"VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.","published_at":"2025-03-04T11:56:27.537000Z","last_modified_at":null,"cvss_v3_score":8.2,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-123"],"nvd_references":["https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-28T23:25:45.962810Z"},"effective_severity":"HIGH","badges":["kev","ransomware"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[],"exploit_refs":[],"news":[],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"cisa_reported","at":"2025-03-04T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"published","at":"2025-03-04T11:56:27.537000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:43:26.473870Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:43:26.473870Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:43:26.473870Z","label":"CVSS score revised","source":"cvelistv5"}]}