VMware ESXi ionic cloud driver heap overflow
CVE-2025-62623 Published on May 13, 2026

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

NVD

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2025-62623 has been classified to as a Buffer Overflow vulnerability or weakness.

Affected Versions

ESXi 8.x and ESXi 9.x hosts using AMD-Pensando DPU products Version ESXi 8.0U3i, included in VCF 5.2.3.0 or 9.0.2 releases is unaffected by CVE-2025-62623

Exploit Probability

EPSS

0.01%

Percentile

3.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

VMware ESXi ionic cloud driver heap overflowCVE-2025-62623 Published on May 13, 2026

Weakness Type

What is a Buffer Overflow Vulnerability?

Affected Versions

Exploit Probability

VMware ESXi ionic cloud driver heap overflow
CVE-2025-62623 Published on May 13, 2026