Vulnerability Description
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/con
- http://www.openwall.com/lists/oss-security/2025/05/12/2
- http://www.openwall.com/lists/oss-security/2025/05/13/2
- http://www.openwall.com/lists/oss-security/2025/09/24/3
- http://www.openwall.com/lists/oss-security/2025/09/25/3
- http://www.openwall.com/lists/oss-security/2025/09/25/5
- http://www.openwall.com/lists/oss-security/2025/09/26/1
- https://lists.debian.org/debian-lts-announce/2025/05/msg00017.html
FAQ
What is CVE-2025-22247?
CVE-2025-22247 is a vulnerability with a CVSS score of 6.1 (MEDIUM). VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within ...
How severe is CVE-2025-22247?
CVE-2025-22247 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-22247?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.