Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN167

_____________________________________________________________________

DATE                : 25/03/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows running VMware Tools versions prior to
                                      12.5.1.

=====================================================================
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518
_____________________________________________________________________

VMSA-2025-0005: VMware Tools for Windows update addresses an
authentication bypass vulnerability (CVE-2025-22230)

Product/Component
VMware vSphere ESXi

Notification Id
25518

Last Updated
25 March 2025

Initial Publication Date
25 March 2025

Status
OPEN

Severity
HIGH

CVSS Base Score
7.8

WorkAround

Affected CVE
CVE-2025-22230
 
Advisory ID:  	VMSA-2025-0005
Advisory Severity: 	Important
CVSSv3 Range: 	7.8
Synopsis: 	VMware Tools for Windows update addresses an
         authentication bypass vulnerability (CVE-2025-22230)
Issue date: 	2025-03-25
Updated on: 	2025-03-25 (Initial Advisory)
CVE(s) 	CVE-2025-22230

 
1. Impacted Products

    VMware Tools 


2. Introduction

An authentication bypass vulnerability in VMware Tools for
Windows was privately reported to VMware. Updates are available
to remediate this vulnerability in the affected VMware products.


3. VMware Tools authentication bypass vulnerability (CVE-2025-22230)

Description: 
VMware Tools for Windows contains an authentication bypass
vulnerability due to improper access control. VMware has evaluated
the severity of this issue to be in the Important severity range
with a maximum CVSSv3 base score of 7.8.

Known Attack Vectors:
A malicious actor with non-administrative privileges on a
Windows guest VM may gain ability to perform certain
high-privilege operations within that VM.


Resolution: 
To remediate CVE-2025-22230 apply the patches listed in the
'Fixed Version' column of the 'Response Matrix' found below.


Workarounds:
None


Additional Documentation:
None


Acknowledgements:  
VMware would like to thank Sergey Bliznyuk of Positive
Technologies for reporting this issue to us.

Notes:
[1] VMware Tools 12.4.6 which is part of VMware Tools 12.5.1
addresses the issue for Windows 32-bit .
[2] This issue affects only VMware Tools for Windows.

Response Matrix:
VMware Product 	Version   Running On   CVE   CVSSv3  Severity
Fixed Version   Workarounds   Additional Documentation

VMware Tools [2]   12.x.x, 11.x.x    Windows   CVE-2025-22230
7.8    Important   12.5.1 [1]   None    None

VMware Tools    12.x.x, 11.x.x 	Linux    CVE-2025-22230   N/A
N/A 	Unaffected    None    None

VMware Tools    12.x.x, 11.x.x    macOS   CVE-2025-22230   N/A 	N/A 	
Unaffected    None     None
 

4. References:

Fixed Version(s) and Release Notes:

VMware Tools 12.5.1
Downloads and Documentation:
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Tools&displayGroup=VMware%20Tools%2012.x&release=12.5.1&os=&servicePk=&language=EN&freeDownloads=true
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/tools/12-5-0/release-notes/vmware-tools-1251-release-notes.html

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22230

FIRST CVSSv3 Calculator:
CVE-2025-22230: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H


5. Change Log:

2025-03-25 VMSA-2025-0005
Initial security advisory.


6. Contact:


E-mail: vmware.psirt@broadcom.com

PGP key
https://knowledge.broadcom.com/external/article/321551

VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories

VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response

VMware Lifecycle Support Phases

https://support.broadcom.com/group/ecx/productlifecycle

VMware Security Blog

https://blogs.vmware.com/security

X
https://x.com/VMwareSRC

Copyright 2025 Broadcom. All rights reserved.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================