Untrusted Ptr Deref in VMware ESXi Ionic Cloud Driver Enables Kernel Read
CVE-2025-62627 Published on May 13, 2026

An untrusted pointer dereference in the ionic cloud driver for VMware ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.

NVD

Weakness Type

Untrusted Pointer Dereference

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.


Affected Versions

ESXi 8.x and ESXi 9.x hosts using AMD-Pensando DPU products.

Version ESXi 8.0U3i, included in VCF 5.2.3.0 or 9.0.2 releases, is unaffected by CVE-2025-62627.

Exploit Probability

EPSS: 0.01%
Percentile: 2.83%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.