A series of critical vulnerabilities in VMware's virtualization products have led to a widespread wave of ransomware attacks, compromising the infrastructures of numerous enterprises. Exploiting three CVEs—CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226—attackers gain elevated privileges, escape VM containment and enact widespread encryption. The healthcare and financial sectors were particularly hit, leading to encrypted patient record systems and transaction databases with ransoms ranging from $2 to $5 million. The severity of the impact was exacerbated by oversights in security monitoring, ineffective segmentation, and delay in implementing available patches. Despite the vulnerabilities being patched by Broadcom, the immediate need for urgent patch application and heightened vigilance remains crucial.
Source: https://cybersecuritynews.com/vmware-vulnerabilities-exploited-ransomware/
"id": "vmw423032425",
"linkid": "vmware",
"type": "Ransomware",
"date": "3/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"