=====================================================================
CERT-Renater Information Note No. 2025/VULN296
_____________________________________________________________________
DATE                 : 12/05/2025
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running VMware Tools versions prior to 12.5.2.
=====================================================================
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683
_____________________________________________________________________

VMSA-2025-0007: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)

Product/Component        : VMware vSphere ESXi
Notification Id          : 25683
Last Updated             : 12 May 2025
Initial Publication Date : 12 May 2025
Status                   : OPEN
Severity                 : MEDIUM
CVSS Base Score          : 6.1
WorkAround               : None
Affected CVE             : CVE-2025-22247

Advisory ID: VMSA-2025-0007
Advisory Severity: Moderate
CVSSv3 Range: 6.1
Synopsis: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)
Issue date: 2025-05-12
Updated on: 2025-05-12 (Initial Advisory)
CVE(s): CVE-2025-22247

1. Impacted Products

VMware Tools

2. Introduction

An insecure file handling vulnerability in VMware Tools was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.

3. VMware Tools Insecure File Handling Vulnerability (CVE-2025-22247)

Description:
VMware Tools contains an insecure file handling vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.1.

Known Attack Vectors:
A malicious actor with non-administrative privileges on a guest VM may tamper with local files to trigger insecure file operations within that VM.

Resolution:
To remediate CVE-2025-22247, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
None

Additional Documentation:
None

Acknowledgements:
VMware would like to thank Sergey Bliznyuk of Positive Technologies for reporting this issue to us.

Notes:
[1] VMware Tools 12.4.7, which is part of VMware Tools 12.5.2, also addresses the issue for Windows 32-bit.
[2] A version of open-vm-tools that addresses CVE-2025-22247 will be distributed by Linux vendors.
[3] Fixed versions may differ based on the Linux distribution version and the distribution vendor.

Response Matrix:

VMware Product    Version         Running On  CVE             CVSSv3  Severity  Fixed Version  Workarounds  Additional Documentation
VMware Tools      12.x.x, 11.x.x  Windows     CVE-2025-22247  6.1     Moderate  12.5.2 [1]     None         None
VMware Tools [2]  12.x.x, 11.x.x  Linux       CVE-2025-22247  6.1     Moderate  12.5.2 [3]     None         None
VMware Tools      12.x.x, 11.x.x  macOS       CVE-2025-22247  N/A     N/A       Unaffected     N/A          N/A

4. References:

Fixed Version(s) and Release Notes:
VMware Tools 12.5.2
Downloads and Documentation:
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Tools&displayGroup=VMware%20Tools%2012.x&release=12.5.2&os=&servicePk=&language=EN&freeDownloads=true
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/tools/12-5-0/release-notes/vmware-tools-1252-release-notes.html

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22247

FIRST CVSSv3 Calculator:
CVE-2025-22247: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

5. Change Log:

2025-05-12 VMSA-2025-0007 Initial security advisory.

6. Contact:

E-mail: vmware.psirt@broadcom.com
PGP key: https://knowledge.broadcom.com/external/article/321551
VMware Security Advisories: https://www.broadcom.com/support/vmware-security-advisories
VMware External Vulnerability Response and Remediation Policy: https://www.broadcom.com/support/vmware-services/security-response
VMware Lifecycle Support Phases: https://support.broadcom.com/group/ecx/productlifecycle
VMware Security Blog: https://blogs.vmware.com/security
X: https://x.com/VMwareSRC

Copyright 2025 Broadcom. All rights reserved.

=========================================================
+ CERT-RENATER         | tel : 01-53-94-20-44             +
+ 23/25 Rue Daviel     | fax : 01-53-94-20-41             +
+ 75013 Paris          | email : cert@support.renater.fr  +
=========================================================