SB2025093025 - Multiple vulnerabilitie in VMware Aria Operations

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper access control (CVE-ID: CVE-2025-41244)

The vulnerability allows a local user to escalate privileges on the virtual machine. 

The vulnerability exists due to improper access restrictions. A local non-privileged user on the virtual machine can execute arbitrary  code with superuser privileges on the same virtual machine. 

Note, the vulnerability is being exploited in the wild since mid-October 2024.

2) Information disclosure (CVE-ID: CVE-2025-41245)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an error when handling user credentials. A local unprivileged user can obtain credentials of other users of Aria Operations.

Remediation

Install update from vendor's website.

References

• https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149
• https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/