AI description
CVE-2025-22247 is a vulnerability in VMware Tools that stems from insecure file handling. A malicious actor with non-administrative privileges within a guest virtual machine can exploit this vulnerability to tamper with local files. This tampering can then trigger insecure file operations within the VM. This vulnerability, also known as ShadowWrite, allows low-privilege users inside a virtual machine to silently modify files, potentially influencing privileged operations or altering system behavior without detection. It affects VMware Tools versions 11.x and 12.x on Windows and Linux. There are currently no workarounds available, with patching being the recommended security measure. VMware has released version 12.5.2 to address the vulnerability.
- Description
- VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.
- Source
- security@vmware.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.1
- Impact score
- 4.2
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
- Severity
- MEDIUM
- security@vmware.com
- CWE-59
- Hype score
- Not currently trending
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/hrNmgI9pQU
@NoLabNoPartY
18 Aug 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/T8tZ8ijFMM
@NoLabNoPartY
13 Aug 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/Sr7eoYBr53
@NoLabNoPartY
9 Aug 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/1z4MkdrrnG
@NoLabNoPartY
4 Aug 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/8RMjRbTrpR
@NoLabNoPartY
2 Aug 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/oKbCRL8wIA
@NoLabNoPartY
31 Jul 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1⃣. CVE-2025-20281: Cisco ISE API Unauthenticated RCE - https://t.co/bpaj1sWXKa 2⃣. CVE-2025-29017: Internet Banking System 2.0 RCE via Profile Picture Upload - https://t.co/4SzolqXLza 3⃣. CVE-2025-22230, CVE-2025-22247: The Guest Who Could - Exploiting LPE in VMW
@ksg93rd
28 Jul 2025
326 Impressions
1 Retweet
2 Likes
2 Bookmarks
0 Replies
0 Quotes
برای ابزار VMware tools آسیب پذیری هایی با کدهای شناسایی CVE-2025-22230 و CVE-2025-22247 از نوع privilege escalation منتشر شده است. این آسیب پذیری باعث می شود که هر یوزری به یوزر system در
@AmirHossein_sec
27 Jul 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/Whc0Hdf2WX
@NoLabNoPartY
26 Jul 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
👑 Our researcher has discovered LPE in VMWare Tools (CVE-2025-22230 & CVE-2025-22247) via VGAuth! Write-up by the one who broke it: Sergey Bliznyuk https://t.co/kIYroVd8HQ
@akaclandestine
26 Jul 2025
2723 Impressions
9 Retweets
40 Likes
22 Bookmarks
1 Reply
0 Quotes
CVE-2025-22230 & CVE-2025-22247 : LPE in VMWare Tools via VGAuth The Guest Who Could: Exploiting LPE in VMWare Tools https://t.co/vFTTkVST3g https://t.co/TGGiqwTppz
@freedomhack101
23 Jul 2025
53 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
👑 Our researcher has discovered LPE in VMWare Tools (CVE-2025-22230 & CVE-2025-22247) via VGAuth! Write-up by the one who broke it: Sergey Bliznyuk (@justbronzebee) https://t.co/8IECtEVd44 https://t.co/SE5fOxx3b5
@ptswarm
22 Jul 2025
5931 Impressions
37 Retweets
93 Likes
31 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/RIF4WMKs2z
@NoLabNoPartY
20 Jul 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità https://t.co/wO5Y8y2VCq
@NoLabNoPartY
17 Jul 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Due to community requests about VMWare open-vm-tools CVE-2025-22247, we're releasing patched versions of open-vm-tools on AlmaLinux ahead of our upstream. Learn more and help us with testing 👇 https://t.co/xav2SwJLGx
@AlmaLinux
17 Jun 2025
1197 Impressions
12 Retweets
39 Likes
4 Bookmarks
0 Replies
0 Quotes
🔐 Critical Patch Alert! CVE-2025-22247 in open-vm-tools allows file manipulation attacks (CVSS 6.9). ✅ Fixed in v12.5.2 ✅ Affects SUSE Linux 15 SP7 ✅ Patch now: zypper in -t patch [module] 📌 Details: 👉 https://t.co/plNwKCX2Ke #DevOps #CloudSe
@Cezar_H_Linux
30 May 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Urgent: SUSE patches CVE-2025-22247 in open-vm-tools (CVSS 6.9). 🔸 Impacts: SUSE Linux 15 SP7 🔸 Fixes: File-handling vuln + GCC 15/containerd fixes 🔸 Update via zypper patch Read more: 👉https://t.co/5kJ8RxXImY #infosec https://t.co/ioQGaQYDHU
@Cezar_H_Linux
30 May 2025
33 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
[ Blog ] VMware Tools vulnerability CVE-2025-22247 https://t.co/lrGgy0T7WK #CVE #securityadvisory #vulnerabilità
@NoLabNoPartY
25 May 2025
90 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware Tools | CVE-2025-22247 @VMware #VMware #VMwareTools https://t.co/6atzSRPARV
@batuhandemirdal
21 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-22247 Alert 🚨 Debian 11’s Open-VM-Tools has a file-handling flaw (VMSA-2025-0007). Patch immediately to block local VM exploits! ✅ Fixed in v2:11.2.5-2+deb11u4 Read more: 👇 https://t.co/huwUshh0ha #CyberSecurity #SysAdmin https://t.co/Ic84UtNq2s
@Cezar_H_Linux
15 May 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad de Gestión de Archivos Insegura en VMWare Tools [CVE-2025-22247] VMware ha evaluado la gravedad de este problema como Moderada con una puntuación base CVSSv3 máxima de 6,1. #VMWareTools #InsecureFileHandling #CVE202522247 https://t.co/Q90nR2MRxe
@_Ninhack
14 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-22247: Open VM Tools flaw in Ubuntu lets attackers overwrite files as admin. Patch ASAP! 📌 Affects 20.04 LTS → 25.04 📌 Mitigation: sudo apt update && sudo apt upgrade Read more: 👉https://t.co/7Uv9HZXMlS #LinuxSecurity #DevOps https://t.co/Es8oOj
@Cezar_H_Linux
13 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware ToolsにCVE-2025-22247の脆弱性が発見され、非管理者ユーザーがゲストVM内のファイルを操作し、不正なファイル操作を引き起こす可能性がある。WindowsおよびLinux環境が影響を受け、VMwareはバージョン12.5.2で修
@01ra66it
13 May 2025
959 Impressions
3 Retweets
12 Likes
4 Bookmarks
0 Replies
0 Quotes
Threat Alert: VMware Tools Vulnerability Allows Attackers to Modify Files and Launch Malicious CVE-2025-22247 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/WhI6SC8xqw #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
13 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert: VMware Tools vulnerability (CVE-2025-22247) allows file tampering in VMs. Immediate patching recommended. #CyberSecurity #VMware #Vulnerability https://t.co/EM2ML7Adwi
@dailytechonx
12 May 2025
32 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨VMSA-2025-0007: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)📌 #vExpert #vCommunity #VMware #Broadcom #VMUG #TechCommunity #VMwareExplore #vExpertProgram #vCommunity #VMwarebyBroadcom https://t.co/F4ohIad8de
@BhanuNaik_2026
12 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22247 VMware Tools Local Privilege Escalation via Insecure File Handlin... https://t.co/jxmU6RCqpz Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
12 May 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22247 VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigge… https://t.co/4XNLZypxtj
@CVEnew
12 May 2025
457 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes