CVEFinder.io

CVE-2025-41246

⚠️ high
🔍 Scan for this CVE
Summary

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated through vCenter or ESX may exploit this issue to access other guest VMs. Successful exploitation requires knowledge of credentials of the targeted VMs and vCenter or ESX.

CVSS Score
7.6
High
EPSS Score
0.1
Exploit Probability
Published Date
2025-09-29
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.8% of all 318,332 vulnerabilities in our database.

#96,125
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Sep 30, 2025
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2025-09-29
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-863

📦 Affected Products 3

Vendor Product Status Affected Versions
vmware tools Affected
≥ 12.x.x < 12.5.4
vmware tools Affected
≥ 13.x.x.x < 13.0.5.0
vmware tools Affected
v11.x.x

🔗 References 1

https://support.broadcom.com/web/ecx/support-content...

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-41244 ⚠️ high 7.8 1.0 VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor wit... 2025-09-29
CVE-2025-41239 ⚠️ high 7.1 0.0 VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of ... 2025-07-15
CVE-2023-34057 ⚠️ high 7.8 0.1 VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest v... 2023-10-27
CVE-2023-34058 ⚠️ high 7.1 0.0 VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Opera... 2023-10-27
CVE-2023-20900 ⚠️ high 7.1 0.8 A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vspher... 2023-08-31
CVE-2023-20867 ℹ️ low 3.9 3.0 A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the con... 2023-06-13
These CVEs affect the same products