VMWare Products Multiple Vulnerabilities

Release Date: 31 Oct 2025 4900 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware products.  A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure and security restriction bypass on the targeted system.

 

Note:

CVE-2025-41244 is actively exploited in the wild. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. Hence, the risk level is rated as Medium Risk.

Impact

  • Information Disclosure
  • Security Restriction Bypass
  • Elevation of Privilege

System / Technologies affected

  • VMware Aria Operations 8.x
  • VMware Tools 11.x.x, 12.x.x, 13.x.x
  • VMware Cloud Foundation 4.x, 5.x
  • VMware Telco Cloud Platform 4.x, 5.x
  • VMware Telco Cloud Infrastructure 2.x, 3.x
  • VMware Cloud Foundation Operations 9.x.x.x

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Related Tags

VMwareInformation DisclosureSecurity Restriction BypassElevation of PrivilegeExploit In The Wild

Share with

Previous

SUSE Linux Kernel Multiple Vulnerabilities

8 Oct 2025 13554 Views

Next

Microsoft Edge Multiple Vulnerabilities

3 Nov 2025 3723 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY