CISA has issued a warning to U.S. government agencies to patch a critical vulnerability in Broadcomβs VMware Aria Operations and VMware Tools software, actively exploited by Chinese state-sponsored hackers. The vulnerability, CVE-2025-41244, allows privilege escalation to root and has been exploited in the wild since October 2024, highlighting the importance of timely patching and mitigation. #CISA #UNC5174 #CVE202541244 #VMwareAdvisory
Keypoints
- The vulnerability CVE-2025-41244 affects VMware Aria Operations and VMware Tools, enabling privilege escalation.
- U.S. federal agencies are mandated to patch the flaw by November 20, 2024, under BOD 22-01 guidelines.
- Chinese state-sponsored threat actor UNC5174 has exploited this vulnerability since mid-October 2024.
- Exploits include attacks on U.S. defense contractors, UK government entities, and Asian institutions.
- Broadcom has patched several other VMware vulnerabilities actively exploited in recent months.