CVE-2025-41244

HIGH CISA KEV EPSS 94.0%

Published Sep 29, 20259mo ago · Modified Jun 17, 20261w ago

7.8 CVSS 3.1

High

Find Similar

Published Sep 29, 2025 9mo ago

Last Modified Jun 17, 2026 1w ago

KEV Listed Oct 30, 2025 8mo ago

KEV Due Nov 20, 2025 222d overdue

Description

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.

CVSS Details

Base Score

7.8

Exploitability

1.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

CISA Known Exploited Overdue 222d

Added: Oct 30, 2025
Due: Nov 20, 2025

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

EPSS Exploit Probability

94.0% percentile

Exploit & Patch Status

Actively Exploited (KEV)

No Patch Available

Weaknesses 1

CWE-267

Affected Products 12

Vendor	Product	Version	Range
vmware	aria_operations	*	≥8.0 – <8.18.5
vmware	cloud_foundation	*	≥4.0 – ≤5.2.2
vmware	cloud_foundation_operations	9.0	any
vmware	open_vm_tools	*	≥11.2.0 – <12.5.4
vmware	open_vm_tools	13.0.0	any
vmware	telco_cloud_infrastructure	*	≥2.2 – ≤3.0
vmware	telco_cloud_platform	*	≥4.0 – <5.0.1
debian	debian_linux	11.0	any
vmware	tools	*	≥12.5.0 – <12.5.4
vmware	tools	*	≥13.0.0.0 – <13.0.5.0
linux	linux_kernel	*	any
microsoft	windows	*	any

References 6

support.broadcom.com http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149

Permissions Required
openwall.com http://www.openwall.com/lists/oss-security/2025/09/29/10

Mailing ListThird Party Advisory
blog.nviso.eu https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/

ExploitThird Party Advisory
lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html

Mailing ListThird Party Advisory
support.broadcom.com https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149

Vendor Advisory
cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244

US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.