Buffer overflow in Amd Esxi 8.x And 9.x Hosts Using Amd-pensando Dpu Products

CVE-2025-62623

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Vulnerability class: Buffer Overflow

EPSS: 0.000 (4.2th percentile) — read the EPSS interpretation.

Affected products

Amd Esxi 8.x And 9.x Hosts Using Amd-pensando Dpu Products — versions ESXi 8.0U3i, included in VCF 5.2.3.0 or 9.0.2 releases

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@amd.com