A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs.
The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions -

VMware Cloud Foundation 4.x and 5.x
VMware



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/09/urgent-china-linked-hackers-exploit-new.html