← Voltar para CVEs
CVE-2025-41244
HIGHCISA KEV7.8
Descricao
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
Detalhes CVE
Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado9/29/2025
Ultima modificacao11/6/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorBroadcom
ProdutoVMware Aria Operations and VMware Tools
Nome da vulnerabilidadeBroadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
Data inclusao KEV2025-10-30
Prazo de remediacao2025-11-20
Uso em ransomwareUnknown
Produtos afetados
debian:debian_linuxlinux:linux_kernelmicrosoft:windowsvmware:aria_operationsvmware:cloud_foundationvmware:cloud_foundation_operationsvmware:open_vm_toolsvmware:telco_cloud_infrastructurevmware:telco_cloud_platformvmware:tools
Fraquezas (CWE)
CWE-267
Referencias
http://www.openwall.com/lists/oss-security/2025/09/29/10(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html(af854a3a-2127-422b-91ae-364da2661108)
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.