CVE-2025-41244

HIGH 7.8

⚠️ CISA KEV

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.

CWE	CWE-267
Vendor	vmware
Product	vcf operations
Ecosystems	Virtualization Cloud
Industries	TechnologyEnterprise
Published	Sep 29, 2025
Last Updated	Feb 26, 2026

⚠️ Actively Exploited — Act Now

Get instant alerts for vmware vcf operations

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-41244.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

VMware / VCF operations

9.0.x < 9.0.1.0

VMware / VMware tools

13.x.x.x < 13.0.5.0 12.5.x < 12.5.4

VMware / VMware Aria Operations

8.18.x < 8.18.5

VMware / VMware Cloud Foundation

5.x < 8.18.5 4.x < 8.18.5

VMware / VMware Telco Cloud Platform

5.x < 8.18.5 4.x < 8.18.5

VMware / VMware Telco Cloud Infrastructure

3.x < 8.18.5 2.x < 8.18.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.broadcom.com: http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149 blog.nviso.eu: https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/ support.broadcom.com: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244 lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html openwall.com: http://www.openwall.com/lists/oss-security/2025/09/29/10