CVE-2025-41244

HIGH7.8

CISA KEV

Description

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

VMware / VCF operations9.0.x – 9.0.1.0
VMware / VMware Aria Operations8.18.x – 8.18.5
VMware / VMware Cloud Foundation4.x – 8.18.5
VMware / VMware Cloud Foundation5.x – 8.18.5
VMware / VMware Telco Cloud Infrastructure2.x – 8.18.5
VMware / VMware Telco Cloud Infrastructure3.x – 8.18.5
VMware / VMware Telco Cloud Platform5.x – 8.18.5
VMware / VMware Telco Cloud Platform4.x – 8.18.5
VMware / VMware tools13.x.x.x – 13.0.5.0
VMware / VMware tools12.5.x – 12.5.4

References

VENDOR_ADVISORYhttp://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149