Local Privilege Escalation in VMware Aria Operations and VMware Tools
CVE-2025-41244

7.8 HIGH

What is CVE-2025-41244?

VMware Aria Operations and VMware Tools are affected by a local privilege escalation vulnerability. A malicious local user with non-administrative access to a virtual machine (VM) that has VMware Tools installed and is managed by Aria Operations with SDMP enabled can potentially escalate their privileges to root on that same VM. This scenario poses significant security risks, particularly in environments where sensitive data or critical applications are managed.

Affected Version(s)

VCF Operations 9.0.x < 9.0.1.0

VMware Aria Operations 8.18.x < 8.18.5

VMware Cloud Foundation 5.x < 8.18.5

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
