Broadcom Fixes VMware Flaw Under Attack by UNC5174 Hackers

Broadcom has issued patches for six VMware security flaws, including a critical vulnerability, CVE-2025-41244, that has already been exploited as a zero-day by the threat actor UNC5174 since mid-October 2024. 

Zero-Day Exploit Details 

The updates address four high-severity issues in total. The most notable flaw is CVE-2025-41244, which has a CVSS score of 7.8. This local privilege escalation vulnerability affects VMware Tools and Aria Operations. 

"VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8," the company's advisory reads. "A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM." 

The China-linked threat actor UNC5174 has been actively exploiting CVE-2025-41244 in the wild as a zero-day since mid-October 2024. A report by NVISO Labs confirmed the exploitation, stating that UNC5174 triggered the local privilege escalation. The threat actor is known for initial access operations achieved through the exploitation of public vulnerabilities. 

Affected Products 

The vulnerability impacts a wide range of products and versions, including:

  • VMware Cloud Foundation 4.x and 5.x 
  • VMware Cloud Foundation 9.x.x.x 
  • VMware Cloud Foundation 13.x.x.x (Windows, Linux) 
  • VMware vSphere Foundation 9.x.x.x 
  • VMware vSphere Foundation 13.x.x.x (Windows, Linux) 
  • VMware Aria Operations 8.x 
  • VMware Tools 11.x.x, 12.x.x, and 13.x.x (Windows, Linux)
  • VMware Telco Cloud Platform 4.x and 5.x 
  • VMware Telco Cloud Infrastructure 2.x and 3.x 

Other Patched Flaws 

Broadcom also released fixes for other VMware product vulnerabilities. These include an information disclosure flaw, CVE-2025-41245, and an improper authorization vulnerability, CVE-2025-41246. Patches were issued for Aria Ops, Tools, Cloud, and Telco products.
