Critical VMware ESXi 8.x Vulnerabilities & Fixes – March 2025

Introduction

VMware ESXi is a critical component of modern data centers, and ensuring its security is paramount. In March 2025, Broadcom’s security team identified critical vulnerabilities in ESXi 8.x, requiring immediate patching. If left unpatched, these vulnerabilities could expose your ESXi hosts to potential remote code execution (RCE), unauthorized access, and VM escape attacks.

This article covers the latest security vulnerabilities, their CVE identifiers, potential impact, and how to patch your ESXi 8.x hosts to stay protected.

Latest VMware ESXi 8.x Vulnerabilities

In the latest VMware security advisory, three critical vulnerabilities were disclosed affecting ESXi 8.x, Workstation, and Fusion:

1. Remote Code Execution in ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)

⚠️ Severity: Critical (CVSS Score: 7.1 – 9.3)

🛠️ Affected Versions: VMware ESXi 8.x

These vulnerabilities could allow an attacker to execute arbitrary code on the ESXi host, potentially leading to a full system compromise.

🔴 Impact:

• Exploitation could allow unauthorized code execution at the host level.

• Attackers may escape from a virtual machine (VM) and gain access to the ESXi host.

• It poses a severe security risk if your environment is public-facing.

✅ Mitigation & Fixes:

VMware has released ESXi 8.0 Update 3d to patch these vulnerabilities.

• Immediate Action: Apply ESXi 8.0 Update 3d from VMware’s official patch release.

• Restrict access: Disable SSH & unnecessary services to reduce attack surface.

• Monitor logs: Use vSphere security logs to detect any suspicious activity.

🔗 Official Patch Release: ESXi 8.0 Update 3d – Broadcom

How to Secure Your ESXi Hosts Against These Vulnerabilities

To safeguard your VMware ESXi environment from these security risks, follow these best practices:

🛠 1. Update Your ESXi Hosts Immediately

• Install ESXi 8.0 Update 3d to mitigate vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226.

• Always check for latest patches on Broadcom’s VMware Security Advisories:

  • VMware Security Advisories

🔐 2. Restrict SSH & API Access

• Disable SSH on production ESXi hosts.

• Restrict API access to trusted networks only.

📡 3. Enable vSphere Security Hardening

• Configure firewall rules to block unnecessary traffic.

• Implement multi-factor authentication (MFA) for admin accounts.

📊 4. Monitor & Audit Logs Regularly

• Use SIEM tools to detect abnormal activity.

• Audit ESXi logs for unauthorized changes.

Conclusion

With new VMware ESXi vulnerabilities being discovered frequently, it is crucial to stay proactive by applying patches, securing access, and monitoring activity.

✅ Take Action Now: Update to ESXi 8.0 Update 3d to protect your virtual environment from remote code execution (RCE) vulnerabilities and potential VM escape attacks.

🔗 Official VMware Patch: ESXi 8.0 Update 3d – Broadcom

📌 Stay Secure! Follow VMware’s security advisories to keep your ESXi hosts safe from cyber threats.