Why It Matters
Serious vulnerabilities in VMware ESXi 8.0 Update 3 have been observed being exploited in the wild. Chained together, they let an attacker who already controls a guest virtual machine break out of it and take control of the hypervisor itself. If you run ESXi in your data centre or home lab, this means a single compromised VM can lead to a complete compromise of every workload on the host.
What Is It
The issue comprises three separate zero-day vulnerabilities identified as CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226. CVE-2025-22224, a time-of-check/time-of-use race in VMCI that leads to an out-of-bounds write, is rated critical (CVSS 9.3). CVE-2025-22225, an arbitrary write reachable from the VMX process, and CVE-2025-22226, an out-of-bounds read in HGFS that discloses VMX memory, carry lower scores of CVSS 8.2 and CVSS 7.1 respectively. Together they form a chained exploit that takes an attacker from a guest VM into the privileged VMX process and from there out of the VMX sandbox to the hypervisor.
Who's Affected
The vulnerable software is VMware ESXi 8.0 Update 3. No other versions are mentioned in the available data.
Technical Details
Analysis indicates the exploitation begins with a compromised SonicWall VPN appliance that delivers a custom ESXi exploit toolkit. The chain requires local administrative privileges inside a guest VM as its starting point, and the toolkit is thought to chain the three vulnerabilities as follows:
- An out-of-bounds read in the HGFS driver (CVE-2025-22226) leaks memory from the VMX process, giving the attacker the information needed to aim the next step.
- An out-of-bounds write via VMCI (CVE-2025-22224) then allows code execution as the privileged VMX process.
- Code running as VMX is still confined by the VMX sandbox; the arbitrary write in CVE-2025-22225 completes the escape from that sandbox to the host, at which point the attacker controls the hypervisor and every VM on it.
The activity appears to be linked to Chinese-speaking threat actors, and the toolkit was observed in the wild prior to public disclosure.
What To Do
Immediate steps to protect your environment:
- Apply the latest VMware ESXi security updates that address CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226.
- Deploy the YARA and Sigma detection rules released to spot the exploit toolkit and its components.
- Secure any SonicWall VPN appliances: enforce strong authentication, limit Internet exposure and harden the VPN service.
- Restrict Domain Admin credentials, monitor RDP logins and enforce least-privilege access to domain controllers.
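The first step above is only finished when every host reports a build at or above the fixed build for its ESXi version. The following shell check is an added example, not part of the original write-up or of any Broadcom tooling: it parses the build number out of `esxcli system version get` and compares it with a minimum build you pass in. The minimum build is deliberately a parameter, to be taken from the vendor advisory for your ESXi release; the `SAMPLE_OUTPUT` block is constructed so the script also runs outside an ESXi shell, and its numbers are illustrative, not a statement of which build is fixed.

```shell
#!/bin/sh
# Added example: check an ESXi host's build against a minimum fixed build.
# Usage on the host:   sh esxi_build_check.sh <MIN_BUILD>
# MIN_BUILD is an assumption supplied by you from the vendor advisory;
# nothing here hard-codes which build contains the fix.

# Pull the numeric build out of `esxcli system version get` output on stdin.
# The relevant line looks like "   Build: Releasebuild-NNNNNNNN".
parse_build() {
    sed -n 's/^ *Build: *Releasebuild-\([0-9][0-9]*\).*/\1/p'
}

# build_is_patched CURRENT MIN
#   returns 0 if CURRENT >= MIN, 1 if it is older, 2 if either value is not numeric
#   (a non-numeric build means the parse failed; treat that as "unknown", not "safe").
build_is_patched() {
    cur=$1
    min=$2
    case "$cur" in ''|*[!0-9]*) return 2 ;; esac
    case "$min" in ''|*[!0-9]*) return 2 ;; esac
    [ "$cur" -ge "$min" ]
}

# Constructed sample of esxcli output (illustrative numbers), used only when
# esxcli is not on PATH so the script can be exercised off-host.
SAMPLE_OUTPUT='   Product: VMware ESXi
   Version: 8.0.3
   Build: Releasebuild-24022510
   Update: 3
   Patch: 0'

# check_host MIN_BUILD: prints a verdict and returns 0 (patched) or 1 (needs update).
check_host() {
    min_build=$1
    if command -v esxcli >/dev/null 2>&1; then
        out=$(esxcli system version get)
    else
        out=$SAMPLE_OUTPUT
    fi
    build=$(printf '%s\n' "$out" | parse_build)
    if build_is_patched "$build" "$min_build"; then
        echo "build ${build:-unknown} >= $min_build: patched"
        return 0
    fi
    echo "build ${build:-unknown} below $min_build (or unreadable): apply the ESXi update"
    return 1
}

# Run as a script: the minimum build is the single argument.
if [ -n "$1" ]; then
    check_host "$1"
fi
```

Run it with the fixed build number from the advisory as the only argument, on each host or through a loop over your host list. A passing build check is necessary but not sufficient: a host that was exploited before patching still needs the YARA and Sigma rules from the next step run against it.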
Conclusion
These vulnerabilities demonstrate how a compromised network appliance can become a stepping stone to full hypervisor takeover. By patching promptly, deploying detection rules and tightening VPN and domain-controller controls, you can dramatically reduce the risk of a similar escape in your own infrastructure.