VMware Hit with Three Zero-Day Vulnerabilities, Hackers Already Exploiting Them

On March 4, 2025, Broadcom released emergency patches for three new zero-day vulnerabilities affecting VMware, which are already being exploited by hackers. These vulnerabilities affect the products ESXi, Workstation, and Fusion. The CISA has added these vulnerabilities to its KEV catalog, requiring federal civilian agencies to patch them by March 25, 2025.