[Security Vulnerability Alert] Broadcom VMware contains a high-risk security vulnerability (CVE-2025-41244). Please confirm and patch it as soon as possible.

[Security Vulnerability Alert] Broadcom VMware contains a high-risk security vulnerability (CVE-2025-41244). Please confirm and patch it as soon as possible.

2025/11/7 ～ 2026/5/7

View Count：33

Forwarded from National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202511-00000021

[Content Description]
Researchers have discovered a Local Privilege Escalation vulnerability (CVE-2025-41244) in Broadcom VMware. An attacker with normal privileges on the local machine can exploit this vulnerability to escalate privileges to administrator level within the VM. This vulnerability has already been exploited by hackers; please confirm and patch it as soon as possible.

[Affected Platforms]
VMware Cloud Foundation Operations versions 9.x.x.x
VMware Tools versions 13.x.x.x, 12.x.x, and 11.x.x
VMware Aria Operations versions 8.x, 5.x, 4.x, 3.x, and 2.x

[Recommended Actions]
An official patch has been released to fix the vulnerability. Please refer to the official instructions to update. The URL is as follows:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149

[References]
1. https://nvd.nist.gov/vuln/detail/CVE-2025-41244
2. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149

[Security Vulnerability Alert] Broadcom VMware contains a high-risk security vulnerability (CVE-2025-41244). Please confirm and patch it as soon as possible.

2025/11/7 ～ 2026/5/7

View Count：33

Files

None

【Back】