CVE-2025-41244
- Source
- https://cve.org/CVERecord?id=CVE-2025-41244
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-41244.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-41244
- Downstream
- Related
- Published
- 2025-09-29T17:15:30.843Z
- Modified
- 2026-04-16T04:39:52.681449463Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-41244
- http://www.openwall.com/lists/oss-security/2025/09/29/10
- https://lists.debian.org/debian-lts-announce/2025/10/msg00000.html
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149
- http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149
- https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/
Affected packages
Git / github.com/vmware/open-vm-tools
Affected ranges
- Type
- GIT
- Repo
- https://github.com/vmware/open-vm-tools
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "9.0" }, { "introduced": "11.2.0" }, { "fixed": "12.5.4" }, { "introduced": "0" }, { "last_affected": "13.0.0" }, { "introduced": "0" }, { "last_affected": "11.0" }, { "introduced": "12.5.0" }, { "fixed": "12.5.4" } ] }
Affected versions
2008.*
2008.02.13-77928
2008.04.04-87182
2008.05.02-90473
2008.05.15-93084
2008.05.15-93241
2008.06.03-96374
2008.06.20-100027
2008.07.01-102166
2008.10.10-123053
2008.11.18-130226
2008.12.23-137496
2009.*
2009.01.21-142982
2009.02.18-148847
2009.03.18-154848
2009.04.23-162451
2009.05.22-167859
2009.06.18-172495
2009.07.22-179896
2009.08.24-187411
2009.09.18-193784
2009.10.15-201664
2009.11.16-210370
2009.12.16-217847
2010.*
2010.01.19-226760
2010.02.23-236320
2010.03.20-243334
2010.04.25-253928
2010.06.16-268169
2010.07.25-280253
2010.08.24-292196
2010.09.19-301124
2010.10.18-313025
2010.11.17-327185
2010.12.19-339835
2011.*
2011.01.24-354108
2011.03.28-387002
2011.04.25-402641
2011.05.27-420096
2011.06.27-437995
2011.07.19-450511
2011.08.21-471295
2011.09.23-491607
2011.10.26-514583
2011.11.20-535097
2011.12.20-562307
2012.*
2012.03.13-651368
2012.05.21-724730
2012.10.14-874563
2012.12.26-958366
2013.*
2013.04.16-1098359
2013.09.16-1328054
open-vm-tools-10.*
open-vm-tools-10.0.0-3000743
Other
p4-sync-929606
stable-10.*
stable-10.0.5
stable-11.*
stable-11.0.0
stable-12.*
stable-12.5.0
stable-12.5.2
stable-13.*
stable-13.0.0
stable-9.*
stable-9.0.0
stable-9.10.0
stable-9.10.2
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-41244.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "8.0"
},
{
"fixed": "8.18.5"
}
]
},
{
"events": [
{
"introduced": "4.0"
},
{
"last_affected": "5.2.2"
}
]
},
{
"events": [
{
"introduced": "2.2"
},
{
"last_affected": "3.0"
}
]
},
{
"events": [
{
"introduced": "4.0"
},
{
"fixed": "5.0.1"
}
]
},
{
"events": [
{
"introduced": "13.0.0.0"
},
{
"fixed": "13.0.5.0"
}
]
}
]