Executive Summary
In December 2025, security researchers discovered a sophisticated cyberattack attributed to Chinese-speaking threat actors who exploited three zero-day vulnerabilities in VMware ESXi (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226). The attackers gained initial access via a compromised SonicWall VPN appliance, followed by deploying a custom exploit toolkit designed to escape virtual machine isolation and compromise the hypervisor itself. Exploiting the flaws allowed attackers to run arbitrary code on the ESXi host, install persistent backdoors (via VSOCKpuppet), and potentially pave the way for ransomware or advanced persistent remote access, posing direct risks to organizations’ virtual infrastructure integrity.
This incident highlights the increased sophistication of state-linked APT actors in targeting virtualization platforms using zero-day techniques and bypassing traditional detection methods. As organizations continue to rely on virtualization and hybrid cloud environments, vigilance around hypervisor and access point security is paramount in defending against similar high-impact threats.
Why This Matters Now
This breach underscores the urgent risk of advanced attackers exploiting virtualization-layer zero-days to achieve full hypervisor compromise, bypassing east-west detection and exposing sensitive workloads. The increasing use of hypervisor escapes and sophisticated persistence techniques makes legacy controls insufficient, necessitating proactive patching and layered, zero trust-based defenses.
Attack Path Analysis
The attackers first compromised a SonicWall VPN appliance to gain a foothold in the network. They then escalated privileges by leveraging zero-day vulnerabilities in VMware ESXi, allowing code execution on the hypervisor. Utilizing these exploits, they moved laterally via virtual machine escape, deploying hostile code from compromised VMs to the ESXi host. Persistent command and control was established by installing a covert VSOCK-based backdoor, enabling remote shell and file transfer capabilities. While data exfiltration was facilitated through the VSOCK channel, the campaign was halted before ransomware deployment. The intended impact was likely ransomware detonation and possible business disruption, thwarted by early detection.
Kill Chain Progression
Initial Compromise
Description
Attackers exploited a SonicWall VPN appliance to obtain initial access into the victim environment, potentially leveraging exposed credentials or vulnerabilities.
Related CVEs
CVE-2025-22224
CVSS 9.3
A TOCTOU (Time-of-Check Time-of-Use) vulnerability in VMware ESXi and Workstation allows a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host.
Affected Products:
VMware ESXi – 7.0, 8.0
VMware Workstation – 16.x, 17.x
Exploit Status:
exploited in the wild
CVE-2025-22225
CVSS 8.2
An arbitrary write vulnerability in VMware ESXi allows a malicious actor with privileges within the VMX process to trigger an arbitrary kernel write, leading to an escape of the sandbox.
Affected Products:
VMware ESXi – 7.0, 8.0
Exploit Status:
exploited in the wild
CVE-2025-22226
CVSS 7.1
An information disclosure vulnerability due to an out-of-bounds read in HGFS in VMware ESXi, Workstation, and Fusion allows a malicious actor with administrative privileges on a virtual machine to leak memory from the VMX process.
Affected Products:
VMware ESXi – 7.0, 8.0
VMware Workstation – 16.x, 17.x
VMware Fusion – 12.x, 13.x
Exploit Status:
exploited in the wild
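To turn the affected-product table above into an actionable inventory check, here is an added example (not code from the advisory, VMware or CISA): it parses version banners in the style of `vmware -v` output, assumed here as constructed samples, and reports which of the three CVEs each host's product family falls under, ordered by CVSS. A hit means the host is in a listed version family and its build still has to be verified against the vendor fix list.

```python
# Exposure triage for the three CVEs listed above (added example, not advisory code).
# Banners are constructed samples in the style of `vmware -v` output. A hit means
# "product family listed as affected; verify the build against the vendor fix list".
import re
from typing import Dict, List, Optional, Tuple

# Affected families and CVSS scores exactly as stated in the advisory.
ADVISORY = {
    "CVE-2025-22224": (9.3, {"ESXi": {"7.0", "8.0"}, "Workstation": {"16", "17"}}),
    "CVE-2025-22225": (8.2, {"ESXi": {"7.0", "8.0"}}),
    "CVE-2025-22226": (7.1, {"ESXi": {"7.0", "8.0"}, "Workstation": {"16", "17"},
                             "Fusion": {"12", "13"}}),
}
BANNER_RE = re.compile(r"VMware (ESXi|Workstation|Fusion) (\d+)\.(\d+)(?:\.\d+)?(?: build-(\d+))?")

def parse_banner(banner: str) -> Optional[Tuple[str, str, Optional[str]]]:
    """(product, family, build) or None. ESXi family is 'major.minor' ("8.0");
    Workstation/Fusion family is the major version ("17"), matching the advisory."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    product, major, minor, build = m.groups()
    return product, (f"{major}.{minor}" if product == "ESXi" else major), build

def exposed_cves(banner: str) -> List[Tuple[str, float]]:
    """CVEs whose affected-product list covers this banner, worst CVSS first."""
    parsed = parse_banner(banner)
    if parsed is None:
        return []
    product, family, _build = parsed
    hits = [(cve, score) for cve, (score, affected) in ADVISORY.items()
            if family in affected.get(product, set())]
    return sorted(hits, key=lambda h: -h[1])

def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """hostname -> exposed CVE IDs; exposed hosts only, ordered by worst CVSS."""
    report = {n: [cve for cve, _ in exposed_cves(b)] for n, b in inventory.items()}
    report = {n: cves for n, cves in report.items() if cves}
    return dict(sorted(report.items(), key=lambda kv: -ADVISORY[kv[1][0]][0]))
# Constructed sample inventory; build numbers are illustrative, not real fix levels.
SAMPLE_INVENTORY = {
    "esx-prod-01": "VMware ESXi 8.0.3 build-24022510",
    "fusion-mac-04": "VMware Fusion 13.6.1",
    "ws-dev-03": "VMware Workstation 17.5.2 build-23775571",
}

if __name__ == "__main__":
    for host, cves in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {', '.join(cves)}")
```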
MITRE ATT&CK® Techniques
ATT&CK techniques mapped from observed APT activity and zero-day exploitation; this mapping supports rapid filtering and can be expanded with full STIX/TAXII integration for greater fidelity.
Exploit Public-Facing Application
Command and Scripting Interpreter
Create or Modify System Process: Windows Service
Exploitation for Privilege Escalation
Exploitation of Remote Services
Impair Defenses: Disable or Modify Tools
Traffic Signaling: VSOCK
OS Credential Dumping
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Address Vulnerabilities for Custom and Public Web Applications
Control ID: 6.2.4
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA (Digital Operational Resilience Act) – ICT Risk Management Framework
Control ID: Art. 9(2)
CISA Zero Trust Maturity Model 2.0 – Inventory and Secure All Devices
Control ID: Asset Management: Device Security
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Information Technology/IT
Critical exposure to VMware ESXi zero-day exploits enabling VM escape attacks, compromising hypervisor infrastructure and bypassing traditional network monitoring through VSOCK communication.
Financial Services
High-value targets for Chinese APT groups exploiting virtualization infrastructure, risking data exfiltration and ransomware deployment while violating PCI compliance requirements.
Health Care / Life Sciences
Virtualized medical systems vulnerable to hypervisor compromise through SonicWall VPN entry points, threatening HIPAA compliance and patient data security.
Government Administration
National security implications from Chinese-linked threat actors targeting VMware infrastructure, requiring immediate CISA KEV vulnerability patching and enhanced monitoring capabilities.
Sources
- China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines: https://thehackernews.com/2026/01/chinese-linked-hackers-exploit-vmware.html (Verified)
- CISA Adds Four Known Exploited Vulnerabilities to Catalog: https://www.cisa.gov/news-events/alerts/2025/03/04/cisa-adds-four-known-exploited-vulnerabilities-catalog (Verified)
- NVD - CVE-2025-22224: https://nvd.nist.gov/vuln/detail/CVE-2025-22224 (Verified)
- NVD - CVE-2025-22225: https://nvd.nist.gov/vuln/detail/CVE-2025-22225 (Verified)
- NVD - CVE-2025-22226: https://nvd.nist.gov/vuln/detail/CVE-2025-22226 (Verified)
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Applying Zero Trust segmentation, east-west traffic inspection, inline threat prevention, and egress controls would have limited lateral movement between VMs and hypervisors, detected or denied exploitation attempts and command and control, and restricted data exfiltration opportunities. CNSF-aligned solutions reduce exposure across each stage by enforcing least privilege, gaining real-time visibility, and enabling prompt anomaly detection.
Control: Cloud Firewall (ACF)
Mitigation: Blocked known-bad or suspicious inbound access to VPN interfaces.
Control: Inline IPS (Suricata)
Mitigation: Detected exploit signatures, preventing execution of known or emerging exploit payloads.
Control: Zero Trust Segmentation
Mitigation: Restricted unauthorized intra-cloud (east-west) paths between VM workloads and hypervisor environments.
Control: Threat Detection & Anomaly Response
Mitigation: Alerted on unusual backdoor communications and privilege escalation patterns.
Control: Egress Security & Policy Enforcement
Mitigation: Prevented sensitive data from leaving critical segments through unauthorized outbound traffic, and contained malicious actions within compromised segments, minimizing potential damage.
Impact at a Glance
Affected Business Functions
- Virtualization Infrastructure Management
- Data Center Operations
Estimated downtime: 3 days
Estimated loss: $500,000
Potential exposure of sensitive virtual machine data due to memory leaks and unauthorized code execution on the hypervisor.
Recommended Actions
Key Takeaways & Next Steps
- Enforce Zero Trust segmentation and microsegmentation between VMs and hypervisors to block lateral movement and sandbox escapes.
- Deploy inline IPS and anomaly response to detect and prevent zero-day exploits targeting virtualization infrastructure.
- Mandate strict egress controls and cloud firewall policies to limit unauthorized outbound and inter-segment traffic.
- Enhance visibility across multicloud/hybrid environments to rapidly identify anomalous internal flows and backdoor communications.
- Regularly audit and harden VPN endpoints and management interfaces to reduce initial access risk.