On July 15, 2025, VMware released a security advisory detailing 3 critical vulnerabilities identified across its product range. These security flaws could potentially enable an attacker to execute code on susceptible devices.
Consequently, it is highly recommended that all affected products be updated without delay. Priority should be given to those products hosting virtual machines that are exposed to the Internet.
It is noteworthy that these specific vulnerabilities were previously exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest, which took place in May 2025.