VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)_CVE-2025-41244

{
    "lastseen": "",
    "description": "VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability.\u00a0A malicious local actor with non-administrative privileges having access to a VM with VMware Tools\u00a0installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.",
    "published": "2025-09-29T16:09:51.871Z",
    "modified": "2025-09-29T16:16:24.967Z",
    "type": "cve",
    "title": "VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)",
    "source": "vmware",
    "references": "http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149",
    "id": "CVE-2025-41244",
    "bulletinFamily": "",
    "cwe": [
        "CWE-267"
    ],
    "cvelist": null,
    "sourceData": "VMware VCF operations 9.0.x\nVMware VMware tools 13.x.x.x\nVMware VMware tools 12.5.x\nVMware VMware Aria Operations 8.18.x\nVMware VMware Cloud Foundation 5.x\nVMware VMware Cloud Foundation 4.x\nVMware VMware Telco Cloud Platform 5.x\nVMware VMware Telco Cloud Platform 4.x\nVMware VMware Telco Cloud Infrastructure 3.x\nVMware VMware Telco Cloud Infrastructure 2.x",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "VCF operations",
    "version": "9.0.x",
    "vendor": "VMware",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}