vulnerability

Amazon Linux 2023: CVE-2025-22247: Medium priority package update for open-vm-tools

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:P/I:C/A:N)	May 12, 2025	Jun 3, 2025	Jun 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:P/I:C/A:N)

Published

May 12, 2025

Added

Jun 3, 2025

Modified

Jun 3, 2025

Description

A vulnerability was found in open-vm-tools. A malicious actor with non-administrative privileges on a guest virtual machine (VM) may tamper with the local files to trigger insecure file operations within that VM.

Solution(s)

amazon-linux-2023-upgrade-open-vm-toolsamazon-linux-2023-upgrade-open-vm-tools-debuginfoamazon-linux-2023-upgrade-open-vm-tools-debugsourceamazon-linux-2023-upgrade-open-vm-tools-desktopamazon-linux-2023-upgrade-open-vm-tools-desktop-debuginfoamazon-linux-2023-upgrade-open-vm-tools-develamazon-linux-2023-upgrade-open-vm-tools-salt-minionamazon-linux-2023-upgrade-open-vm-tools-sdmpamazon-linux-2023-upgrade-open-vm-tools-sdmp-debuginfoamazon-linux-2023-upgrade-open-vm-tools-testamazon-linux-2023-upgrade-open-vm-tools-test-debuginfo

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today