What is the CVSS score of CVE-2025-41244?

CVE-2025-41244 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of Aria Operations are affected by CVE-2025-41244?

CVE-2025-41244 presents notable security risk rated CVSS 7.8. Exploitation could compromise the security of affected deployments.. A patch is available.

Is there a public PoC exploit available for CVE-2025-41244?

Yes, a public proof-of-concept exploit is available for CVE-2025-41244. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-41244?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Monitor vendor channels for patch availability.

Aria Operations CVE-2025-41244

HIGH

Privilege Defined With Unsafe Actions (CWE-267)

2025-09-29 security@vmware.com

Privilege Escalation Red Hat VMware Aria Operations Cloud Foundation Debian Linux Telco Cloud Infrastructure Telco Cloud Platform Suse Cloud Foundation Operations Open Vm Tools Tools

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Apr 06, 2026 - 02:30 nvd

Patch available

Analysis Generated

Mar 28, 2026 - 19:14 vuln.today

Added to CISA KEV

Nov 06, 2025 - 13:58 cisa

CISA KEV

PoC Detected

Nov 06, 2025 - 13:58 vuln.today

Public exploit code

CVE Published

Sep 29, 2025 - 17:15 nvd

HIGH 7.8

DescriptionNVD

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.

AnalysisAI

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-267. VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. Affected products include: Vmware Aria Operations, Vmware Cloud Foundation, Vmware Cloud Foundation Operations, Vmware Open Vm Tools, Vmware Telco Cloud Infrastructure.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.