Local Privilege Escalation Vulnerability in VMware Aria Operations
CVE-2025-22231

7.8HIGH

Key Information:

Vendor: Vmware
Status: Vmware Aria Operations
Vendor: CVE Published:; 1 April 2025

Summary

VMware Aria Operations contains a local privilege escalation vulnerability that allows a malicious actor with local administrative privileges to elevate their access to root. This can lead to unauthorized control over the appliance, potentially compromising sensitive data and overall system integrity. Organizations utilizing VMware Aria Operations should take proactive measures to apply security patches and mitigate the risk associated with this vulnerability.

Affected Version(s)

VMware Aria operations any 8.x

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 1, 2025
Vulnerability Reserved
Jan 2, 2025