MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities
Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network.
In December 2025, a security team caught a group of hackers just in time. Researchers Anna Pham and Matt Anderson from the firm Huntress recently detailed how these attackers managed to “escape” from a virtual machine to take over an entire host server. This research, shared with Hackread.com, reveals a toolkit that likely operated in secret for years.
Virtual machines (VMs) are meant to be isolated digital rooms: if one is infected, the rest of the building should stay safe. These attackers used a VM Escape to break through those walls, moving from a guest VM into the ESXi hypervisor, the software that runs the host server itself.
**How the Attack Started**
The hackers didn’t need a magic trick to get in. They used a stolen password to enter through a SonicWall VPN, a common tool for remote work. Once inside, they used a toolkit named MAESTRO.
Further probing revealed the hackers targeted a process called VMX. This is the per-VM helper process on the host that lets the virtual machine talk to the server for simple tasks like copying text.
By compromising this helper, the hackers could give direct orders to the server. Researchers noted the attackers were careful: they even changed the server’s settings to stop it from “calling home” for help while they moved through the network to steal data. It is worth noting that the toolkit was unusually broad, working on 155 different versions of VMware software, from version 5.1 to 8.0.
**The Zero-Day Vulnerabilities**
The timeline is the most worrying part. While VMware fixed these holes (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) on March 4, 2025, researchers found the toolkit was built as far back as November 2, 2023. This means the attackers were likely using a zero-day (a flaw unknown to the creators) for over a year.
Further investigation revealed that the code contained notes in simplified Chinese, including a folder translated as “All version escape – delivery.” According to researchers, this points to a “well-resourced developer” likely based in a Chinese-speaking region.
Moreover, these hackers used VSOCK, a virtual socket channel between a VM and its hypervisor, to talk to the server. Most security tools watch normal network traffic, but VSOCK never leaves the machine, so network firewalls and monitoring cannot see it.
[Figure: VM Escape exploitation flow (Source: Huntress)]
To stay safe, the Huntress team says companies must patch their systems immediately and check servers for strange activity. Although this attack was stopped before it became a ransomware disaster, it shows that even isolated systems need constant care.
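The patch-and-check advice above can be turned into a small inventory triage. The following script is an added example, not code from Hackread or Huntress: it takes a constructed list of ESXi hosts and flags those whose version falls in the 5.1 to 8.0 range the toolkit covered, those with no patch cycle recorded after the March 4, 2025 fix date, and those whose remote logging target has been cleared (the article says the attackers blocked the server from “calling home” but does not name the setting, so the `remote_log` field is an assumed stand-in). Hostnames, versions and dates are all constructed.

```python
import re
from datetime import date
from typing import Optional

# Version range the article says the toolkit supported (inclusive).
AFFECTED_MIN = (5, 1)
AFFECTED_MAX = (8, 0)
# Date VMware shipped fixes for CVE-2025-22224/22225/22226, per the article.
PATCH_RELEASE = date(2025, 3, 4)

# Constructed inventory for illustration only. "remote_log" is an assumed
# stand-in for whatever remote reporting setting the attackers disabled.
SAMPLE_INVENTORY = [
    {"host": "esx-01", "version": "8.0.3", "last_patched": "2025-03-20",
     "remote_log": "udp://siem.example.internal:514"},
    {"host": "esx-02", "version": "7.0.3", "last_patched": "2025-01-15",
     "remote_log": "udp://siem.example.internal:514"},
    {"host": "esx-03", "version": "ESXi 6.7.0 build-12345", "last_patched": None,
     "remote_log": ""},
    {"host": "esx-04", "version": "5.0.0", "last_patched": None,
     "remote_log": "udp://siem.example.internal:514"},
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[tuple]:
    """Return (major, minor) from strings such as '8.0.3' or 'ESXi 6.7.0 build-12345'."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)))


def in_affected_range(version_text: str) -> bool:
    """True when the major.minor version is within the toolkit's stated range."""
    v = parse_version(version_text)
    return v is not None and AFFECTED_MIN <= v <= AFFECTED_MAX


def findings_for(entry: dict) -> list:
    """Return the list of triage findings for one inventory entry."""
    findings = []
    if in_affected_range(entry["version"]):
        findings.append("in_toolkit_version_range")
        patched = entry.get("last_patched")
        # No record, or last patch cycle predates the vendor fix: verify by hand.
        if patched is None or date.fromisoformat(patched) < PATCH_RELEASE:
            findings.append("patch_not_verified")
    if not entry.get("remote_log"):
        # A cleared reporting target matches the "stop calling home" behaviour.
        findings.append("remote_logging_disabled")
    return findings


def triage(inventory) -> dict:
    """Map each hostname to its findings; an empty list means nothing to act on."""
    return {e["host"]: findings_for(e) for e in inventory}


if __name__ == "__main__":
    for host, f in triage(SAMPLE_INVENTORY).items():
        print(host, "OK" if not f else ", ".join(f))
```

The fix date is only a coarse proxy: a host patched after March 4, 2025 may still be running an older image, so the definitive check is the vendor's fixed build numbers, which this article does not list. Treat every flagged host as needing a manual build check and a review of its logging configuration rather than as confirmed compromised.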