A newly discovered VMware zero-day vulnerability, CVE-2025-41244, has been actively exploited by Chinese state-sponsored actors for nearly a year. The flaw affects multiple VMware products and allows privilege escalation, posing significant security risks.
Key points
- The vulnerability CVE-2025-41244 is a critical privilege escalation flaw affecting various VMware products.
- Chinese state-sponsored group UNC5174 has been exploiting the vulnerability in the wild since mid-October 2024.
- VMware addressed the vulnerability in an advisory published on September 29, 2025, with fixed versions available.
- Exploitation requires access to a VM that has VMware Tools installed and is managed by Aria Operations with SDMP enabled.
- NVISO researchers published a proof-of-concept exploit and linked the vulnerability to potential unintended privilege escalations in other malware.
Read More: https://thecyberexpress.com/vmware-vulnerability-cve-2025-41244/