AI News

CISA Warns of Actively Exploited VMware Vulnerability

The agency added a high-severity flaw in VMware Tools to its KEV catalog, citing exploitation by a China-linked threat actor.

Olivia Sharp 1 min read 591 views
Free
The U.S. Cybersecurity and Infrastructure Security Agency added a VMware vulnerability to its KEV catalog, warning it is being actively exploited by a China-linked hacking group.

The Vulnerability Details

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding a high-severity vulnerability in widely used enterprise software. The flaw, tracked as CVE-2025-41244, is a local privilege escalation vulnerability in Broadcom's VMware Tools and VMware Aria Operations. A malicious local actor with non-administrative privileges can exploit the flaw to gain root-level control of a virtual machine. The vulnerability affects the infrastructure that underpins many corporate AI and cloud computing environments.

Active Exploitation by State-Sponsored Actor

CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that it is an immediate and …

Archive Access

This article is older than 24 hours. Create a free account to access our 7-day archive.

Sign Up for Free Archive Access Already have an account? Log in

Share this article

#research #enterprise

Related Articles