VMSA-2025-0007: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)
25683
12 May 2025
12 May 2025
OPEN
MEDIUM
6.1
None
CVE-2025-22247
Advisory ID: | VMSA-2025-0007 |
Advisory Severity: | Moderate |
CVSSv3 Range: | 6.1 |
Synopsis: | VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247) |
Issue date: | 2025-05-12 |
Updated on: | 2025-05-12 (Initial Advisory) |
CVE(s) | CVE-2025-22247 |
1. Impacted Products
- VMware Tools
2. Introduction
An insecure file handling vulnerability in VMware Tools was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.
3. VMware Tools Insecure File Handling Vulnerability (CVE-2025-22247)
Description:
VMware Tools contains an insecure file handling vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.1.
Known Attack Vectors:
A malicious actor with non-administrative privileges on a guest VM may tamper with the local files to trigger insecure file operations within that VM.
Resolution:
To remediate CVE-2025-22247, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
None
Additional Documentation:
None
Acknowledgements:
VMware would like to thank Sergey Bliznyuk of Positive Technologies for reporting this issue to us.
Notes:
[1] VMware Tools 12.4.7, which is part of VMware Tools 12.5.2, also addresses the issue for Windows 32-bit.
[2] A version of open-vm-tools that addresses CVE-2025-22247 will be distributed by Linux vendors.
[3] Fixed versions may differ based on the Linux distribution version and the distribution vendor.
Response Matrix:
VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
---|---|---|---|---|---|---|---|---|
VMware Tools | 12.x.x, 11.x.x | Windows | CVE-2025-22247 | 6.1 | Moderate | 12.5.2 [1] | None | None |
VMware Tools [2] | 12.x.x, 11.x.x | Linux | CVE-2025-22247 | 6.1 | Moderate | 12.5.2 [3] | None | None |
VMware Tools | 12.x.x, 11.x.x | macOS | CVE-2025-22247 | N/A | N/A | Unaffected | N/A | N/A |
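
A triage check that maps guest inventory records onto the Response Matrix and notes [1] to [3] above (added example, not VMware's code). It assumes version strings in the form printed by `vmware-toolbox-cmd -v`; the host names, build numbers and status labels are constructed for illustration.

```python
import re

FIXED = (12, 5, 2)        # "Fixed Version" column of the Response Matrix
FIXED_WIN32 = (12, 4, 7)  # note [1]: Windows 32-bit fix shipped as part of 12.5.2

def parse_version(text):
    """Return (major, minor, patch) from e.g. '12.4.5.23787635 (build-23787635)'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised VMware Tools version: {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(guest_os, version_text, arch="x86_64"):
    """Classify one guest against VMSA-2025-0007 (status labels are hypothetical)."""
    guest_os = guest_os.lower()
    if guest_os == "macos":
        return "unaffected"            # macOS row of the matrix
    if guest_os not in ("windows", "linux"):
        return "not-listed"
    version = parse_version(version_text)
    if version[0] not in (11, 12):
        return "not-listed"            # matrix only covers 11.x.x and 12.x.x
    win32 = guest_os == "windows" and arch in ("x86", "i386", "i686")
    needed = FIXED_WIN32 if win32 else FIXED
    if version >= needed:
        return "fixed"
    # Notes [2] and [3]: Linux vendors ship their own fixed open-vm-tools builds,
    # so a version below 12.5.2 must be checked against the vendor's advisory.
    return "check-vendor-package" if guest_os == "linux" else "vulnerable"

# Constructed inventory: (host, guest OS, architecture, reported version string)
SAMPLE_INVENTORY = [
    ("web01", "Windows", "x86_64", "12.4.5.11111111 (build-11111111)"),
    ("web02", "Windows", "x86_64", "12.5.2.22222222 (build-22222222)"),
    ("kiosk7", "Windows", "x86", "12.4.7.33333333 (build-33333333)"),
    ("db01", "Linux", "x86_64", "11.3.5.44444444 (build-44444444)"),
    ("mac03", "macOS", "x86_64", "12.1.0.55555555 (build-55555555)"),
]

def triage_fleet(inventory):
    """Return {host: status} for every record in the inventory."""
    return {host: triage(os_, ver, arch) for host, os_, arch, ver in inventory}

if __name__ == "__main__":
    for host, status in triage_fleet(SAMPLE_INVENTORY).items():
        print(f"{host:8} {status}")
```

A `check-vendor-package` result means the package version has to be compared with the distribution's own fixed release, not with 12.5.2.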
4. References:
Fixed Version(s) and Release Notes:
VMware Tools 12.5.2
Downloads and Documentation:
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Tools&displayGroup=VMware%20Tools%2012.x&release=12.5.2&os=&servicePk=&language=EN&freeDownloads=true
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/tools/12-5-0/release-notes/vmware-tools-1252-release-notes.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22247
FIRST CVSSv3 Calculator:
CVE-2025-22247: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
5. Change Log:
2025-05-12 VMSA-2025-0007
Initial security advisory.
6. Contact:
E-mail: [email protected]
PGP key
https://knowledge.broadcom.com/external/article/321551
VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories
VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response
VMware Lifecycle Support Phases
https://support.broadcom.com/group/ecx/productlifecycle
VMware Security Blog
https://blogs.vmware.com/security
Copyright 2025 Broadcom. All rights reserved.