Broadcom disclosed a local privilege escalation vulnerability affecting VMware’s guest service discovery features. Tracked as CVE-2025-41244, successful exploitation of the vulnerability may allow an unprivileged user to escalate privileges. Maxime Thiebaut from NVISO Labs discovered and reported the vulnerability to Broadcom. The security researcher at NVISO Labs claims that the vulnerability has been exploited in … Continue reading “Broadcom Addresses Actively Exploited Vulnerability in VMware Aria Operations and VMware Tools (CVE-2025-41244)”