Heap Overflow in VMware ESXi Ionic Cloud Driver Enables Priv Escalation
CVE-2025-62624 Published on May 13, 2026

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

NVD

Weakness Type

Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Affected Versions

ESXi 8.x and ESXi 9.x hosts using AMD-Pensando DPU products Version ESXi 8.0U3i, included in VCF 5.2.3.0 or 9.0.2 releases is unaffected by CVE-2025-62624

Exploit Probability

EPSS

0.01%

Percentile

3.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Heap Overflow in VMware ESXi Ionic Cloud Driver Enables Priv EscalationCVE-2025-62624 Published on May 13, 2026

Weakness Type

Heap-based Buffer Overflow

Affected Versions

Exploit Probability

Heap Overflow in VMware ESXi Ionic Cloud Driver Enables Priv Escalation
CVE-2025-62624 Published on May 13, 2026