Some kind of computer viruses or malicious software have been found to set up a rogue DHCP, especially for those classified in the category.
In addition, if a rogue DHCP is set to provide as default gateway an IP address of a machine controlled by a misbehaving user, it can sniff all the traffic sent by the clients to other networks, violating network security policies as well as user privacy (see man in the middle).
The VMware will act as a rogue DHCP server handing out random IP addresses to the clients around it on the network.
Rogue DHCP servers can be stopped by means of intrusion detection systems with appropriate signatures, as well as by some multilayer switches, which can be configured to drop the packets.
[1] Rogue DHCP servers can be detected using the software: Manual examination perusing Scapy package in Python: