CISA Confirms Active Exploitation of VMware ESXi CVE-2025-22225

CISA Confirms Active Exploitation of VMware ESXi CVE-2025-22225

First seen 5 Feb 2026, 11:54 UTC BleepingcomputerSecurityaffairs.CoCybersecuritynewsGbhackersCyberpress+2 59% similarity 20.3

Article Content

Browse articles
ThreatCluster

CISA has confirmed the active exploitation of a critical vulnerability in VMware ESXi, tracked as CVE-2025-22225. This zero-day flaw allows attackers to escape security sandboxes and is currently being used in ransomware operations. The vulnerability, classified as an arbitrary write memory issue, was added to CISA's Known Exploited Vulnerabilities catalog on March 4, 2025.

ThreatCluster AI

Community

Browse all →