HIGH SeverityCVSS 4.07.2CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H
CVE-2025-62627
Last updated May 13, 2026 · Published May 13, 2026
Description
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.
Affected products
1 listed- AMD:ESXi 8.x and ESXi 9.x hosts using AMD-Pensando DPU products
Mappings
CWE
CWE-822
CAPEC
None listed.
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms