Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability
CVE-2025-41244 enables privilege escalation to root on VMs with VMware Tools and Aria Operations (SDMP enabled) and has been exploited since October 2024.
Chinese cyber threat exploited VMware vulnerability for a full year
CVE-2025-41244 in VMware Tools and VMware Aria Operations allowed privilege escalation and root-level code execution; Broadcom released a patch to fix it.
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
CVE-2025-41244 enables local privilege escalation in VMware Tools and Aria Operations and has been exploited in the wild by UNC5174; patches and mitigations released.
