← Volver a CVEs
CVE-2025-41244
HIGHCISA KEV7.8
Descripcion
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado9/29/2025
Ultima modificacion11/6/2025
Fuentekev
Avistamientos honeypot0
CISA KEV
VendedorBroadcom
ProductoVMware Aria Operations and VMware Tools
Nombre vulnerabilidadBroadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
Fecha inclusion KEV2025-10-30
Fecha limite remediacion2025-11-20
Uso en ransomwareUnknown
Productos afectados
debian:debian_linuxlinux:linux_kernelmicrosoft:windowsvmware:aria_operationsvmware:cloud_foundationvmware:cloud_foundation_operationsvmware:open_vm_toolsvmware:telco_cloud_infrastructurevmware:telco_cloud_platformvmware:tools
Debilidades (CWE)
CWE-267
Referencias
http://www.openwall.com/lists/oss-security/2025/09/29/10(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.