{"id":561,"date":"2025-03-26T18:26:14","date_gmt":"2025-03-26T18:26:14","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4299888"},"modified":"2025-03-26T18:26:14","modified_gmt":"2025-03-26T18:26:14","slug":"update-vmware-tools-for-windows-now-high-severity-flaw-lets-hackers-bypass-authentication","status":"publish","type":"post","link":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/03\/26\/update-vmware-tools-for-windows-now-high-severity-flaw-lets-hackers-bypass-authentication\/","title":{"rendered":"Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication"},"content":{"rendered":"
\"VMWare
Image: Ferran Rodenas\/Flickr\/Creative Commons<\/figcaption><\/figure>\n

If you use VMware Tools for Windows, it is critical to update to the latest version. Broadcom, which acquired VMware for $69 billion in 2023, has issued a patch for a high-severity vulnerability that is actively being exploited by cybercriminals.<\/p>\n

The vulnerability affects VMware Tools for Windows versions 11.x.x and 12.x.x, but has been patched in version 12.5.1. Broadcom confirmed that no workarounds are available, so affected users should update immediately.<\/p>\n

<\/span>What are the details about this authentication bypass vulnerability?<\/span><\/h2>\n

VMware Tools for Windows<\/a> is a suite of utilities that enhances the performance and functionality of Windows-based virtual machines running on VMware platforms. It supports functions like display resolution, seamless mouse and keyboard integration, and better time synchronization between host and guest systems.<\/p>\n

CVE-2025-22230 is classified as an \u201cauthentication bypass vulnerability,\u201d according to Broadcom\u2019s security advisory. While technical details remain limited, Broadcom suggests that the flaw results from improper access control mechanisms in some versions of VMware Tools for Windows.<\/p>\n

\u201cA malicious actor with non-administrative privileges on a Windows guest (virtual machine) may gain (the) ability to perform certain high-privilege operations within that VM,\u201d the company said.<\/p>\n

The vulnerability has a CVSS score of 7.8 out of 10, indicating a high-severity issue. It does not require user interaction for exploitation.<\/p>\n

The vulnerability was reported by Sergey Bliznyuk of Positive Technologies, a Russian cybersecurity firm sanctioned by the U.S. Treasury in 2021 for allegedly providing security tools to and hosting recruitment events for Russian intelligence services.<\/p>\n