CVE-2025-62624

Summary

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AMDESXi 8.x and ESXi 9.x hosts using AMD-Pensando DPU productsESXi 8.0U3i, included in VCF 5.2.3.0 or 9.0.2 releasesunaffected

Weaknesses

  • CWE-122: CWE-122 Heap-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References