← Retour aux CVEs
CVE-2025-41244
HIGHCISA KEV7.8
Description
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie9/29/2025
Derniere modification11/6/2025
Sourcekev
Observations honeypot0
CISA KEV
FournisseurBroadcom
ProduitVMware Aria Operations and VMware Tools
Nom vulnerabiliteBroadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
Date ajout KEV2025-10-30
Date limite remediation2025-11-20
Utilise dans ransomwareUnknown
Produits affectes
debian:debian_linuxlinux:linux_kernelmicrosoft:windowsvmware:aria_operationsvmware:cloud_foundationvmware:cloud_foundation_operationsvmware:open_vm_toolsvmware:telco_cloud_infrastructurevmware:telco_cloud_platformvmware:tools
Faiblesses (CWE)
CWE-267
References
http://www.openwall.com/lists/oss-security/2025/09/29/10(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.