News Score: Score the News, Sort the News, Rewrite the Headlines

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

A newly patched high-severity VMware vulnerability has been exploited as a zero-day since October 2024 for code execution with elevated privileges, NVISO Labs reports. Tracked as CVE-2025-41244 (CVSS score of 7.8), the security defect impacts both VMware Aria Operations and VMware Tools. VMware’s parent company Broadcom rolled out patches this week, warning that the flaw allows attackers to escalate their privileges to root on VMs that have VMware Tools installed and are managed by Aria Operatio...

Read more at securityweek.com

© News Score  score the news, sort the news, rewrite the headlines