Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers

Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to SYSTEM-level access on Windows virtual machines.  The vulnerabilities, tracked as CVE-2025-22230 and CVE-2025-22247, affect VMware Tools installations across ESXi-managed environments and standalone VMware Workstation deployments. Key Takeaways1.  VMware Tools VGAuth […]

The post Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers appeared first on Cyber Security News.