All posts tagged: HighSeverity

High-Severity Flaw Lets Hackers Bypass Authentication

High-Severity Flaw Lets Hackers Bypass Authentication

Image: Ferran Rodenas/Flickr/Creative Commons If you use VMware Tools for Windows, it is critical to update to the latest version. Broadcom, which acquired VMware for $69 billion in 2023, has issued a patch for a high-severity vulnerability that is actively being exploited by cybercriminals. The vulnerability affects VMware Tools for Windows versions 11.x.x and 12.x.x, but has been patched in version 12.5.1. Broadcom confirmed that no workarounds are available, so affected users should update immediately. What are the details about this authentication bypass vulnerability? VMware Tools for Windows is a suite of utilities that enhances the performance and functionality of Windows-based virtual machines running on VMware platforms. It supports functions like display resolution, seamless mouse and keyboard integration, and better time synchronization between host and guest systems. CVE-2025-22230 is classified as an “authentication bypass vulnerability,” according to Broadcom’s security advisory. While technical details remain limited, Broadcom suggests that the flaw results from improper access control mechanisms in some versions of VMware Tools for Windows. “A malicious actor with non-administrative privileges on a Windows guest (virtual …