Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114507677820745663">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 15-May-2025 03:48:35 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114223934084505618" rel="in-reply-to">in reply to</a></div></section><article><p>Reupping this thread - remember to patch both <a href="https://cyberplace.social/tags/ESXicape" rel="tag">#ESXicape</a> and CVE-2025-22230 in VMware Tools. </p><p>The four vulns chained together allow full hypervisor escape from a Windows VM, without needing admin rights, gaining full SAN storage access to all VMs from one host - including to backups. </p><p>I understand technical exploitation details for this will start to emerge in public late next week, which will enable more groups to jump on the bandwagon.  Currently limited to a ransomware group.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4672334#notice-9906860">In conversation</a><time datetime="2025-05-15T03:48:35+09:00" title="Thursday, 15-May-2025 03:48:35 JST">about a month ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114507677820745663" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114507677820745663">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 15-May-2025 03:48:35 JST Kevin Beaumont
in reply to
Reupping this thread - remember to patch both #ESXicape and CVE-2025-22230 in VMware Tools.
The four vulns chained together allow full hypervisor escape from a Windows VM, without needing admin rights, gaining full SAN storage access to all VMs from one host - including to backups.
I understand technical exploitation details for this will start to emerge in public late next week, which will enable more groups to jump on the bandwagon. Currently limited to a ransomware group.
In conversationabout a month ago from cyberplace.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice