Description
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.
Published: 2026-05-13
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An untrusted pointer dereference in the ionic cloud driver for VMware ESXi could enable an attacker inside an unprivileged virtual machine to read data from the host kernel memory or from co‑located guest VMs. The data exposed could reveal sensitive information or disrupt service operations, leading to loss of confidentiality and availability.

Affected Systems

AMD Pensando DPU products deployed on VMware ESXi 8.x and ESXi 9.x hosts are vulnerable.

Risk and Exploitability

The CVSS score of 7.2 indicates a high severity vulnerability. While no EPSS score is available, the risk remains sufficiently high for environments that host untrusted VMs. The attack vector is an unprivileged VM on the same ESXi host, as the description explicitly states. The vulnerability is listed outside the CISA KEV catalog, and no known exploits are reported.

Generated by OpenCVE AI on May 13, 2026 at 04:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest AMD and VMware security patch that resolves the ionic cloud driver pointer dereference.
  • If a patch is not yet available, enforce stricter VM isolation by limiting unprivileged VMs from accessing the kernel or other guest memory through host security policies.
  • Monitor ESXi host logs and memory access patterns for unusual read activity and isolate affected VMs promptly.

Generated by OpenCVE AI on May 13, 2026 at 04:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd esxi 8.x And Esxi 9.x Hosts Using Amd-pensando Dpu Products
Vendors & Products Amd
Amd esxi 8.x And Esxi 9.x Hosts Using Amd-pensando Dpu Products

Wed, 13 May 2026 05:15:00 +0000

Type Values Removed Values Added
Title Untrusted Pointer Dereference in VMware ESXi Ionic Cloud Driver Enables Unprivileged VM Memory Leakage

Wed, 13 May 2026 03:30:00 +0000

Type Values Removed Values Added
Description An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.
Weaknesses CWE-822
References
Metrics cvssV4_0

{'score': 7.2, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H'}

Subscriptions

Amd Esxi 8.x And Esxi 9.x Hosts Using Amd-pensando Dpu Products
cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published:

Updated: 2026-05-14T14:38:47.478Z

Reserved: 2025-10-16T20:46:13.455Z

Link: CVE-2025-62627

cve-icon Vulnrichment

Updated: 2026-05-13T14:37:55.041Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T04:17:35.780

Modified: 2026-05-13T14:49:11.830

Link: CVE-2025-62627

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T10:35:00Z

Weaknesses