VMware ESXi gets critical patches for in-the-wild virtual machine escape attack

Broadcom released emergency patches for its VMware ESXi, Workstation, and Fusion products to fix three vulnerabilities that can lead to virtual machine escape and are actively being exploited by attackers. Products that include VMware ESXi, such as VMware vSphere, VMware Cloud Foundation, and VMware Telco Cloud Platform, are also impacted.

VMware products, especially the ESXi enterprise hypervisor, are high-value targets and have been repeatedly attacked by cybercriminal and cyberespionage groups over the years. Hypervisors, or virtual machine monitors, are the virtualization software used to create and run virtual machines.

Virtual machine escapes, in which an attacker with access to a guest VM can take over the entire host server, are the most serious hypervisor attacks because they violate the core security principle that virtualization is supposed to offer: complete isolation between guest operating systems and the host OS.