CVE-2025-41244

⚠️ high

Summary

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.

CVSS Score

7.8

High

EPSS Score

1.0

Exploit Probability

Published Date

2025-09-29

First Seen: 2026-01-05

📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.7% of all 322,079 vulnerabilities in our database.

#97,519

Above average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: Oct 30, 2025

🔍 Exploitation Status

Active

Exploits detected in the wild

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2025-11-06

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-267

📦 Affected Products 10

Vendor	Product	Status	Affected Versions
debian	debian_linux	Affected	v11.0
vmware	tools	Affected	≥ 12.5.0 < 12.5.4
vmware	tools	Affected	≥ 13.0.0.0 < 13.0.5.0
vmware	cloud_foundation	Affected	≥ 4.0 ≤ 5.2.2
vmware	open_vm_tools	Affected	≥ 11.2.0 < 12.5.4
vmware	open_vm_tools	Affected	v13.0.0
vmware	aria_operations	Affected	≥ 8.0 < 8.18.5
vmware	telco_cloud_platform	Affected	≥ 4.0 < 5.0.1
vmware	telco_cloud_infrastructure	Affected	≥ 2.2 ≤ 3.0
vmware	cloud_foundation_operations	Affected	v9.0

🔗 References 6

http://support.broadcom.com/group/ecx/support-conten...

Permissions Required

http://www.openwall.com/lists/oss-security/2025/09/2...

Mailing List Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/10...

Mailing List Third Party Advisory

https://blog.nviso.eu/2025/09/29/you-name-it-vmware-...

Exploit Third Party Advisory

https://support.broadcom.com/web/ecx/support-content...

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities...

US Government Resource

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-31431	⚠️ high	7.8	2.4	In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla...	2026-04-22
CVE-2026-4775	⚠️ high	7.8	0.0	A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the ...	2026-03-24
CVE-2026-1940	🔶 medium	5.1	0.0	An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added...	2026-03-23
CVE-2025-63261	⚠️ high	7.8	0.1	AWStats 8.0 is vulnerable to Command Injection via the open function	2026-03-20
CVE-2026-22719	⚠️ high	8.1	7.4	VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is...	2026-02-25
CVE-2026-22720	⚠️ high	8.0	0.1	VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create...	2026-02-25

These CVEs affect the same products