Critical vulnerabilities in VMware Tools could allow attackers with basic user access to escalate privileges to full system control.
The vulnerabilities, discovered by penetration tester Sergey Bliznyuk from PT Security, affect the VMware Guest Authentication Service (VGAuth) component and have been assigned CVE-2025-22230 and CVE-2025-22247.
The first vulnerability, CVE-2025-22230, stems from a flaw in how VGAuth creates private communication pipes for user sessions.
When establishing a session, the service creates a named pipe with a predictable name using the pattern \\.\pipe\vgauth-service-<username>.
However, the implementation fails to use the FILE_FLAG_FIRST_PIPE_INSTANCE flag, so a malicious user can create the pipe before the service does.
This design weakness enables a classic named pipe hijacking attack. Attackers can pre-create a pipe named \\.\pipe\vgauth-service-system with permissive access controls, then request a session for the "system" username.
When VGAuth attempts to create its private pipe, it inadvertently uses the attacker's pre-existing pipe instead, effectively granting the attacker superuser privileges within the VGAuth protocol.
This bypass allows unauthorized access to sensitive operations typically reserved for system-level processes.
These vulnerabilities impact VMware Tools 12.5.0 and earlier versions, potentially affecting millions of virtual machines running on VMware infrastructure worldwide.
Critical Vulnerabilities in VMware Tools
The second vulnerability, CVE-2025-22247, stems from insufficient input validation of username parameters combined with insecure symbolic link handling.
VGAuth allows superusers to manipulate alias stores for any username without proper sanitization, enabling path traversal using sequences like ../../../../../../evil. This lets attackers break out of the intended alias store directory and target arbitrary file paths.
The check for FILE_ATTRIBUTE_REPARSE_POINT may look like link-following protection, especially considering Microsoft's documentation for this attribute.
The vulnerability becomes particularly dangerous when combined with symbolic link manipulation techniques.
Attackers can create symbolic links pointing to legitimate alias store files during initial validation, then switch the link targets using opportunistic locks to redirect file operations to privileged system locations.
This technique enables two primary attack vectors: arbitrary file deletion, by abusing the RemoveAlias operation when the last certificate is removed from a store, and arbitrary file write, by manipulating the file-replacement step when an alias store is updated.
Patches Released
Broadcom has addressed both vulnerabilities through a coordinated patching effort. CVE-2025-22230 was resolved in VMware Tools 12.5.1, released on March 25, 2025, which randomizes private pipe names using UUIDs and implements proper pipe creation flags to prevent hijacking attempts.
CVE-2025-22247 received its fix in VMware Tools 12.5.2, released on May 12, 2025, which eliminates path traversal by rejecting usernames containing unsafe characters and adds runtime path validation using GetFinalPathNameByHandleW.
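As an added example (not VMware's or Broadcom's code), the following Python shows the two layers that the fix description above implies, applied to the alias-store path traversal described earlier: an allow-list on the username so a sequence like ../../../../../../evil never reaches a filesystem path, and a post-open check that the file the OS actually resolved still lies inside the store root. The store layout (one <username>.xml per user under a single root), the character allow-list, and the function names are assumptions; os.path.realpath plus an fstat comparison stands in for GetFinalPathNameByHandleW, which the real fix applies to the open handle on Windows.

```python
"""
Added example, not VGAuth code: username allow-listing and alias-store path
confinement in the spirit of the CVE-2025-22247 fix. Store layout, allow-list
and helper names are assumptions; os.path.realpath + fstat is the portable
stand-in for GetFinalPathNameByHandleW on the open handle.
"""
import os
import re
import tempfile

# Assumed layout: one alias store file per user under a single root directory.
ALIAS_STORE_ROOT = os.path.join(tempfile.gettempdir(), "vgauth-example-aliasstore")

# Assumed allow-list: letters, digits, '_', '-', '.'; may not start with '.'.
# Path separators and '..' sequences therefore never reach os.path.join.
_SAFE_USERNAME = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}$")


class UnsafeUsername(ValueError):
    """Username contains characters outside the allow-list."""


class PathEscape(OSError):
    """Opened file resolved to a location outside the alias-store root."""


def validate_username(username: str) -> str:
    """First layer: reject any username that is not plain and separator-free."""
    if not _SAFE_USERNAME.fullmatch(username):
        raise UnsafeUsername(f"rejected username {username!r}")
    return username


def alias_store_path(username: str, root: str = ALIAS_STORE_ROOT) -> str:
    """Compute <root>/<username>.xml, validating the name before building the path."""
    return os.path.join(root, validate_username(username) + ".xml")


def open_alias_store_checked(username: str, root: str = ALIAS_STORE_ROOT, mode: str = "rb"):
    """Second layer: open the file, then verify what was actually opened.

    A symlink or junction can pass the path check and still point outside the
    root, so after open() we resolve the final path and additionally require
    that the open handle refers to that resolved file. A link swapped between
    open() and realpath() (the oplock trick) fails the fstat comparison.
    """
    path = alias_store_path(username, root)
    root_real = os.path.realpath(root)
    fh = open(path, mode)
    try:
        final = os.path.realpath(path)
        try:
            inside = os.path.commonpath([root_real, final]) == root_real
        except ValueError:  # e.g. different drives on Windows
            inside = False
        try:
            same = os.path.samestat(os.fstat(fh.fileno()), os.stat(final))
        except OSError:
            same = False
        if not (inside and same):
            raise PathEscape(f"{path} resolved to {final}, outside {root_real}")
    except BaseException:
        fh.close()
        raise
    return fh


def demo() -> dict:
    """Exercise the checks on constructed sample data in throwaway directories."""
    root = tempfile.mkdtemp(prefix="vgauth-example-")
    outside = os.path.join(tempfile.mkdtemp(prefix="outside-"), "secret.txt")
    with open(os.path.join(root, "alice.xml"), "wb") as f:
        f.write(b"<aliases/>")  # constructed sample alias store
    with open(outside, "wb") as f:
        f.write(b"not an alias store")  # constructed file outside the root

    results = {}
    with open_alias_store_checked("alice", root) as fh:
        results["alice"] = fh.read()
    for bad in ("../../../../../../evil", "system\\..\\..\\x", "a/b"):
        try:
            alias_store_path(bad, root)
            results[bad] = "accepted"
        except UnsafeUsername:
            results[bad] = "rejected"
    try:
        # A valid-looking username whose store file is a link pointing outside.
        os.symlink(outside, os.path.join(root, "bob.xml"))
        try:
            open_alias_store_checked("bob", root).close()
            results["bob"] = "opened"
        except PathEscape:
            results["bob"] = "escape blocked"
    except (OSError, NotImplementedError):
        results["bob"] = "symlink unsupported"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name!r}: {outcome!r}")
```

The allow-list is what makes the traversal sequence unrepresentable rather than merely filtered, and the post-open check is the defence that still holds when a link target is switched after validation.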
The disclosure timeline demonstrates responsible security practices, with PT Security reporting the vulnerabilities to Broadcom on March 5, 2025, allowing for proper remediation before public disclosure.
Organizations running VMware environments should prioritize updating to the latest VMware Tools versions to mitigate these critical security risks.
The vulnerabilities highlight the importance of secure coding practices in privileged system services, particularly regarding input validation and inter-process communication mechanisms.