Article

Alert: VMware Zero-Day Vulnerability CVE-2025-41244

VMware has released urgent security updates addressing one actively exploited zero-day (CVE-2025-41244) and two additional vulnerabilities (CVE-2025-41245, CVE-2025-41246) affecting multiple VMware products, including VMware Tools, Aria Operations, Cloud Foundation, vSphere Foundation, and Telco Cloud Infrastructure, which could allow an attacker to perform local privilege escalation, information disclosure, and improper authorization.

Affected Systems

Affected Systems and Versions are:

VMware Tools / Open VM Tools: 11.x, 12.x, 13.x (Windows, Linux)
VMware Aria Operations: 8.x (all platforms)
VMware Cloud Foundation Operations: 4.x, 5.x, 9.x.x.x, 13.x.x.x (Windows, Linux)
VMware vSphere Foundation: 9.x.x.x, 13.x.x.x (Windows, Linux)
VMware Telco Cloud Platform: 4.x, 5.x (all platforms)
VMware Telco Cloud Infrastructure: 2.x, 3.x (all platforms).

Security Risks

Successful exploitation of these vulnerabilities could let a local user without admin rights take full control of the VM, access other virtual machines, and view sensitive information, potentially compromising the system and spreading to other connected systems.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

Follow VMware's security advisory (Broadcom VMSA-2025-0015) to lower the risk of potential exploits, protect systems, and ensure their security.

Apply the required and latest security updates as soon as possible.
The released software versions to upgrade to are:
VMware Tools / Open VM Tools: 12.5.4, 13.0.5 (Windows, Linux)
VMware Aria Operations: 8.18.5 (all platforms)
VMware Cloud Foundation Operations: 9.0.1.0 (Windows, Linux)
VMware vSphere Foundation: 9.0.1.0, 13.x.x.x (Windows, Linux)
VMware Telco Cloud Platform and Cloud Infrastructure: 8.18.5 (all platforms)

Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

Broadcom Advisory VMSA-2025-0015

01 October 2025

More updates

01 October 2025

Alert: Apple Security Updates – September 2025

Apple has released urgent security updates to address a vulnerability affecting multiple products.

01 October 2025

Alert: Compiled Apple Security Updates – September 2025

Apple has released urgent security updates to address a vulnerability affecting multiple products

25 September 2025

Alert: Compiled Cisco Security Updates - September 2025

Cisco has released security updates to address vulnerabilities in several of its products.

25 September 2025

Alert: High-Severity SNMP Vulnerability in Cisco IOS and IOS XE (CVE-2025-20352)

Cisco has identified a high-severity zero-day vulnerability, CVE-2025-20352 (CVSS 7.7)

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

Affected Systems

Affected Systems and Versions are:

VMware Tools / Open VM Tools: 11.x, 12.x, 13.x (Windows, Linux)

VMware Aria Operations: 8.x (all platforms)

VMware Cloud Foundation Operations: 4.x, 5.x, 9.x.x.x, 13.x.x.x (Windows, Linux)

VMware vSphere Foundation: 9.x.x.x, 13.x.x.x (Windows, Linux)

VMware Telco Cloud Platform: 4.x, 5.x (all platforms)

VMware Telco Cloud Infrastructure: 2.x, 3.x (all platforms).

Security Risks

Successful exploitation of these vulnerabilities could let a local user without admin rights take full control of the VM, access other virtual machines, and view sensitive information, potentially compromising the system and spreading to other connected systems.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

Follow VMware's security advisory (Broadcom VMSA-2025-0015) to lower the risk of potential exploits, protect systems, and ensure their security.

Apply the required and latest security updates as soon as possible. The released software versions to upgrade to are:

VMware Tools / Open VM Tools: 12.5.4, 13.0.5 (Windows, Linux)

VMware Aria Operations: 8.18.5 (all platforms)

VMware Cloud Foundation Operations: 9.0.1.0 (Windows, Linux)

VMware vSphere Foundation: 9.0.1.0, 13.x.x.x (Windows, Linux)

VMware Telco Cloud Platform and Cloud Infrastructure: 8.18.5 (all platforms)

Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

Broadcom Advisory VMSA-2025-0015

Apply the required and latest security updates as soon as possible.
The released software versions to upgrade to are: