⚠️ CISA Known Exploited Vulnerability
Active ThreatThis vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.
CVE-2025-41244
High CISA KEV
Low
Medium
High
Critical
7.8
CVSS Score
Vulnerability Description
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
L
Attack Complexity
L
Privileges Required
L
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
70 configuration(s) from 2 vendor(s)
debian_linux
Version:
11.0
CPE:
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
open_vm_tools
Version:
12.0.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.0.0:*:*:*:*:*:*:*
tools
Version:
13.0.0.0
CPE:
cpe:2.3:a:vmware:tools:13.0.0.0:*:*:*:*:*:*:*
aria_operations
Version:
8.18.3
CPE:
cpe:2.3:a:vmware:aria_operations:8.18.3:*:*:*:*:*:*:*
cloud_foundation
Version:
4.5.2
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.5.2:*:*:*:*:*:*:*
cloud_foundation
Version:
4.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*
aria_operations
Version:
8.14.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.14.0:*:*:*:*:*:*:*
open_vm_tools
Version:
12.5.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.5.0:*:*:*:*:*:*:*
cloud_foundation
Version:
4.5.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.5.1:*:*:*:*:*:*:*
cloud_foundation
Version:
4.4.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*
aria_operations
Version:
8.18.1
CPE:
cpe:2.3:a:vmware:aria_operations:8.18.1:*:*:*:*:*:*:*
cloud_foundation
Version:
4.5
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.5:*:*:*:*:*:*:*
aria_operations
Version:
8.16.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.16.0:*:*:*:*:*:*:*
open_vm_tools
Version:
12.4.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.4.0:*:*:*:*:*:*:*
cloud_foundation
Version:
4.2
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:*
open_vm_tools
Version:
11.3.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:11.3.5:*:*:*:*:*:*:*
tools
Version:
12.5.1
CPE:
cpe:2.3:a:vmware:tools:12.5.1:*:*:*:*:*:*:*
cloud_foundation
Version:
4.2.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*
cloud_foundation
Version:
4.3.11
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.3.11:*:*:*:*:*:*:*
telco_cloud_infrastructure
Version:
2.5
CPE:
cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*
cloud_foundation
Version:
4.76
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.76:*:*:*:*:*:*:*
cloud_foundation
Version:
4.4.1.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*
aria_operations
Version:
8.17.1
CPE:
cpe:2.3:a:vmware:aria_operations:8.17.1:*:*:*:*:*:*:*
telco_cloud_infrastructure
Version:
2.7
CPE:
cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*
cloud_foundation
Version:
5.2.1.2
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.2.1.2:*:*:*:*:*:*:*
telco_cloud_platform
Version:
4.0
CPE:
cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*
open_vm_tools
Version:
12.1.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.1.0:*:*:*:*:*:*:*
aria_operations
Version:
8.17.2
CPE:
cpe:2.3:a:vmware:aria_operations:8.17.2:*:*:*:*:*:*:*
cloud_foundation
Version:
4.3
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:*
telco_cloud_infrastructure
Version:
3.0
CPE:
cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*
tools
Version:
12.5.0
CPE:
cpe:2.3:a:vmware:tools:12.5.0:*:*:*:*:*:*:*
tools
Version:
13.0.1.0
CPE:
cpe:2.3:a:vmware:tools:13.0.1.0:*:*:*:*:*:*:*
telco_cloud_infrastructure
Version:
2.2
CPE:
cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*
cloud_foundation
Version:
4.4
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*
cloud_foundation_operations
Version:
9.0
CPE:
cpe:2.3:a:vmware:cloud_foundation_operations:9.0:*:*:*:*:*:*:*
open_vm_tools
Version:
11.2.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:11.2.0:*:*:*:*:*:*:*
cloud_foundation
Version:
4.0.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*
open_vm_tools
Version:
12.5.2
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.5.2:*:*:*:*:*:*:*
cloud_foundation
Version:
5.2.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.2.1:*:*:*:*:*:*:*
aria_operations
Version:
8.12.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix1:*:*:*:*:*:*
cloud_foundation
Version:
5.1.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.1.1:*:*:*:*:*:*:*
cloud_foundation
Version:
5.2
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.2:*:*:*:*:*:*:*
open_vm_tools
Version:
12.3.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.3.0:*:*:*:*:*:*:*
cloud_foundation
Version:
5.0
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*
open_vm_tools
Version:
11.3.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:11.3.0:*:*:*:*:*:*:*
aria_operations
Version:
8.6.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.6.0:-:*:*:*:*:*:*
open_vm_tools
Version:
12.1.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.1.5:*:*:*:*:*:*:*
tools
Version:
12.5.2
CPE:
cpe:2.3:a:vmware:tools:12.5.2:*:*:*:*:*:*:*
telco_cloud_platform
Version:
5.0
CPE:
cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*
cloud_foundation
Version:
4.3.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:*
open_vm_tools
Version:
12.2.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.2.5:*:*:*:*:*:*:*
open_vm_tools
Version:
12.3.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.3.5:*:*:*:*:*:*:*
cloud_foundation
Version:
4.0
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*
open_vm_tools
Version:
11.2.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:11.2.5:*:*:*:*:*:*:*
cloud_foundation
Version:
5.2.1.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.2.1.1:*:*:*:*:*:*:*
cloud_foundation
Version:
4.1.0.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*
open_vm_tools
Version:
12.2.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.2.0:*:*:*:*:*:*:*
aria_operations
Version:
8.18.2
CPE:
cpe:2.3:a:vmware:aria_operations:8.18.2:*:*:*:*:*:*:*
tools
Version:
12.5.3
CPE:
cpe:2.3:a:vmware:tools:12.5.3:*:*:*:*:*:*:*
telco_cloud_platform
Version:
4.0.1
CPE:
cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*
aria_operations
Version:
8.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.0:*:*:*:*:*:*:*
aria_operations
Version:
8.10.0
CPE:
cpe:2.3:a:vmware:aria_operations:8.10.0:-:*:*:*:*:*:*
cloud_foundation
Version:
5.2.2
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.2.2:*:*:*:*:*:*:*
aria_operations
Version:
8.14.1
CPE:
cpe:2.3:a:vmware:aria_operations:8.14.1:*:*:*:*:*:*:*
aria_operations
Version:
8.18
CPE:
cpe:2.3:a:vmware:aria_operations:8.18:*:*:*:*:*:*:*
aria_operations
Version:
8.16.1
CPE:
cpe:2.3:a:vmware:aria_operations:8.16.1:*:*:*:*:*:*:*
open_vm_tools
Version:
13.0.0
CPE:
cpe:2.3:a:vmware:open_vm_tools:13.0.0:*:*:*:*:*:*:*
cloud_foundation
Version:
5.1
CPE:
cpe:2.3:a:vmware:cloud_foundation:5.1:*:*:*:*:*:*:*
open_vm_tools
Version:
12.0.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.0.5:*:*:*:*:*:*:*
open_vm_tools
Version:
12.4.5
CPE:
cpe:2.3:a:vmware:open_vm_tools:12.4.5:*:*:*:*:*:*:*
This vulnerability affects 70 software configuration(s). Ensure you patch all affected systems.
SUSE
CVE-2025-41244
CVE-2025-41244
Severity
Unknown
Released
Oct 04, 2025
Security Update
References & Resources
-
http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149security@vmware.com Permissions Required
-
http://www.openwall.com/lists/oss-security/2025/09/29/10af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2025/10/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/134c704f-9b21-4f2e-91b3-4a467353bcc0 Exploit Third Party Advisory
-
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149134c704f-9b21-4f2e-91b3-4a467353bcc0 Vendor Advisory
-
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244134c704f-9b21-4f2e-91b3-4a467353bcc0 US Government Resource
Severity Details
7.8
out of 10.0
High
CISA KEV Status
Active Exploitation
Listed in CISA's Known Exploited Vulnerabilities catalog
Weakness Type (CWE)
CWE-267
Privilege Defined With Unsafe Actions
- Description
- A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- September 29, 2025
