Security Advisory

Broadcom Product Security Update Advisory

  • Mar 06 2025

Overview

We have released a security update to fix vulnerabilities in Broadcom products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-22224, CVE-2025-22225, CVE-2025-22226

VMware ESXi Versions: 8.0, 7.0
VMware Workstation Versions: 17.x
VMware Fusion Version: 13.x
VMware Cloud Foundation Versions: 5.x, 4.5.x
VMware Telco Cloud Platform Version: 5.x, 4.x, 3.x, 2.x
VMware Telco Cloud Infrastructure Versions: 3.x, 2.x

 

 

Resolved Vulnerabilities

Heap Overflow Vulnerability (CVE-2025-22224)
Arbitrary Write Vulnerability (CVE-2025-22225)
HGFS Information Leakage Vulnerability (CVE-2025-22226)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
 

 

 

CVE-2025-22224, CVE-2025-22225, CVE-2025-22226

VMware ESXi version: ESXi80U3d-24585383, ESXi80U2d-24585300, ESXi70U3s-24585291
VMware Workstation Version: 17.6.3
VMware Fusion Version: 13.6.3
VMware Cloud Foundation version: ESXi80U3d-24585383, ESXi70U3s-24585291
VMware Telco Cloud Platform version: KB389385
VMware Telco Cloud Infrastructure version: KB389385

 

 

References

[1] VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Tags:

Previous Post

Next Post