# CVE-2025-22224

> VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

- **CVSS:** 9.3 (CRITICAL)
- **EPSS:** 50.1%
- **CISA KEV:** yes
- **CWE:** CWE-367

Canonical: https://intel.threadlinqs.com/cve/CVE-2025-22224
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp