← back
CVE-2025-41244

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

CVSS 7.8 HIGHEPSS 7.6%● KEVCWE-267
In short

A flaw in VMware Tools allows a regular user on a virtual machine to gain root-level control if VMware Aria Operations is managing the system with SDMP enabled. This is dangerous because it lets unauthorized users take full control of the machine.

Technical detail

Local privilege escalation in VMware Tools affecting VMs managed by Aria Operations with SDMP (Secure Desktop Managed Peripherals or related management feature) enabled. An attacker with non-administrative local access can exploit this vulnerability to achieve root-level code execution on the compromised VM. Requires user to have local system access and the victim system to be under Aria Operations management.

Summary generated and translated by AI from the official description.
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
VMware · VCF operationsVMware · VMware Aria OperationsVMware · VMware Cloud FoundationVMware · VMware Telco Cloud InfrastructureVMware · VMware Telco Cloud PlatformVMware · VMware tools
public PoCs found3
githubgithub.com/NULL200OK/CVE-2025-412442githubgithub.com/rxerium/CVE-2025-412441cve_referenceblog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/https://lists.debian.org/debian-lts-announce/2025/10/msg00000.htmlhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244http://www.openwall.com/lists/oss-security/2025/09/29/10