High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter
Briefly

"Broadcom on Monday announced patches for six vulnerabilities affecting VMware Aria Operations, NSX, vCenter, and VMware Tools products, including four high-severity flaws. Both Aria Operations and VMware Tools are impacted by a high-severity local privilege escalation bug tracked as CVE-2025-41244. "A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM," the vendor explains."
"VMware resolved a high-severity SMTP header injection bug (CVE-2025-41250) in vCenter that could allow an authenticated attacker with non-administrative privileges to "manipulate the notification emails sent for scheduled tasks". Additionally, it patched two high-severity flaws in NSX that could allow attackers to enumerate valid usernames. The first, CVE-2025-41251, is described as a weak password recovery mechanism issue that could lead to brute-force attacks, while the second, CVE-2025-41252, is described as a username enumeration defect that could lead to unauthorized access attempts."
Broadcom released patches addressing six vulnerabilities across VMware Aria Operations, NSX, vCenter, and VMware Tools, four of them rated high severity. The local privilege escalation flaw CVE-2025-41244 affects both VMware Tools and Aria Operations: a non-administrative local user on a VM that has VMware Tools installed and is managed by Aria Operations with SDMP enabled can escalate to root on that VM, so both the guest agent and the management side need the fix. A medium-severity Aria Operations flaw (CVE-2025-41245) lets a non-administrative user obtain other users' credentials. A high-severity VMware Tools for Windows defect (CVE-2025-41246) may allow access to other guest VMs. vCenter received a fix for an SMTP header injection (CVE-2025-41250) through which an authenticated non-administrative user can manipulate scheduled-task notification emails. Two NSX issues allow valid usernames to be enumerated, one via a weak password-recovery mechanism that invites brute-force attempts (CVE-2025-41251) and one via a direct username-enumeration defect (CVE-2025-41252). Fixes were released for multiple affected versions of each product.
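The vCenter bug above belongs to the SMTP header injection class: a user-controlled string lands in an email header without CR/LF filtering, so a newline inside it starts a new header of the attacker's choosing (for a scheduled-task notification, the task name or description is the natural carrier). The following is an added, generic illustration of that class and its fix, not vCenter's code and not derived from the advisory; the field names, addresses and the injected payload are constructed for the demo.

```python
# Added illustration of SMTP header injection (CRLF injection) in a
# notification-email builder, plus the input check that blocks it.
# Generic demo code; it is not vCenter's implementation.
import re

# Constructed attacker-controlled value, e.g. a scheduled-task name that is
# copied into the Subject header. The CR/LF pairs inject extra headers.
INJECTED_SUBJECT = "Nightly backup\r\nBcc: attacker@example.com\r\nX-Injected: 1"


def build_message_vulnerable(to_addr: str, subject: str, body: str) -> str:
    """Concatenates the caller-supplied subject straight into the header
    block, so a CR/LF inside it terminates Subject and starts new headers."""
    return f"To: {to_addr}\r\nSubject: {subject}\r\n\r\n{body}"


def parse_headers(raw: str) -> tuple[dict, str]:
    """Split a raw RFC 5322 message into a {name: value} header dict and a
    body, the way a receiving MTA would see it."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n"):
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body


# Any CR, LF or NUL in a header value is a folding/injection attempt here;
# rejecting (rather than silently stripping) keeps the failure visible.
_HEADER_CTL = re.compile(r"[\r\n\x00]")


def build_message_safe(to_addr: str, subject: str, body: str) -> str:
    """Same builder, but refuses header values containing control characters,
    so user input can never terminate the Subject header early. A subject
    containing a blank line (CR LF CR LF) is caught by the same rule, which
    also prevents injecting an attacker-chosen body."""
    for field, value in (("To", to_addr), ("Subject", subject)):
        if _HEADER_CTL.search(value):
            raise ValueError(f"{field} header contains a forbidden control character")
    return f"To: {to_addr}\r\nSubject: {subject}\r\n\r\n{body}"


def demo() -> dict:
    """Run both builders on the constructed payload and report what an MTA
    would parse from each."""
    vuln_headers, vuln_body = parse_headers(
        build_message_vulnerable("admin@example.com", INJECTED_SUBJECT, "Task finished.")
    )
    try:
        build_message_safe("admin@example.com", INJECTED_SUBJECT, "Task finished.")
        safe_rejected = False
    except ValueError:
        safe_rejected = True
    return {
        "vulnerable_headers": vuln_headers,   # contains an attacker-added Bcc
        "vulnerable_body": vuln_body,
        "safe_rejected": safe_rejected,       # True: the hardened builder refused it
    }


if __name__ == "__main__":
    print(demo())
```

Running the demo shows the vulnerable builder emitting a message whose header block carries an attacker-supplied `Bcc:`, i.e. every notification is silently copied to the attacker, while the hardened builder raises on the same input. The check belongs at the point where untrusted data enters any header, not only Subject; a library that validates header values itself is preferable to hand-built string concatenation.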
Read at SecurityWeek