A high-severity security flaw in VMware Tools for Windows could be exploited by a malicious actor with non-administrative privileges, allowing them to perform high-privilege operations within a virtual machine. Broadcom has released a security patch to address the issue, rated 7.8 on the Common Vulnerability Scoring System (CVSS). The vulnerability affects versions 11.x.x and 12.x.x, and no workarounds are available. It is recommended that users apply the update as soon as possible to prevent exploitation.
Source: https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html