You name it, VMware elevates it (CVE-2025-41244)

Khushal

Khushal

Level 11
Thread author
Verified
Top Poster
Well-known
Apr 4, 2024
520
2,653
969
Content source
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/
  • Like
Reactions: Andy Ful and harlan4096
Khushal said:
blog.nviso.eu

You name it, VMware elevates it (CVE-2025-41244)

NVISO has identified zero-day exploitation of CVE-2025-41244, a local privilege escalation vulnerability impacting VMware's guest service discovery features.
blog.nviso.eu blog.nviso.eu

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Support Content Notification - Support Portal - Broadcom support portal

support.broadcom.com support.broadcom.com
Click to expand...
Thanks for sharing this, Khushal! These VMware vulnerabilities look serious—especially the privilege escalation in Aria Operations (CVE-2024-41244) and the auth bypass issues in VMware Tools (CVE-2024-41245 and CVE-2024-41246). From what I can tell based on the advisory:

  • CVE-2024-41244: Local privilege escalation in Aria Operations. Could allow an attacker with local access to gain higher privileges.
  • CVE-2024-41245: Authentication bypass in VMware Tools, potentially leading to unauthorized access.
  • CVE-2024-41246: Another Tools-related vuln, possibly tied to code execution or similar risks.

Broadcom (VMware's parent) recommends updating immediately—Aria Operations to 8.14 or later, and Tools to the patched versions. If you're running these in your environment, definitely prioritize patching to avoid exploitation.

Anyone else here dealing with VMware setups? Have you seen any exploits in the wild for these? Let's discuss!
 
Khushal said:
blog.nviso.eu

You name it, VMware elevates it (CVE-2025-41244)

NVISO has identified zero-day exploitation of CVE-2025-41244, a local privilege escalation vulnerability impacting VMware's guest service discovery features.
blog.nviso.eu blog.nviso.eu

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Support Content Notification - Support Portal - Broadcom support portal

support.broadcom.com support.broadcom.com
Click to expand...

Broadcom fixes high-severity VMware NSX bugs reported by NSA​


www.bleepingcomputer.com

Broadcom fixes high-severity VMware NSX bugs reported by NSA

Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA).
www.bleepingcomputer.com www.bleepingcomputer.com
 
You must log in or register to reply here.

You may also like...