UNC5174 - Geek Feed

CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers

November 2, 2025November 2, 2025 geekfeed0Tagged Actively Exploited, Broadcom, china, CISA, CVE-2025-41244, Elevation of Privileges, Privilege Escalation, UNC5174, vmware

On Thursday, CISA warned U.S. government agencies to secure their systems against attacks exploiting a high-severity vulnerability in Broadcom’s VMware Aria Operations and VMware Tools software. Tracked as CVE-2025-41244 and patched one month ago, this vulnerability allows local attackers with non-administrative privileges to a virtual machine (VM) with VMware Tools and managed by Aria Operations with SDMP enabled […]

3 mins read

Chinese hackers exploiting VMware zero-day since October 2024

October 4, 2025October 4, 2025 geekfeed0Tagged 0day, Broadcom, china, Elevation of Privileges, Local Privilege Escalation, Privilege Escalation, UNC5174, vmware, Zero-Day

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. While the American technology giant didn’t tag this security bug (CVE-2025-41244) as exploited in the wild, it thanked NVISO threat researcher Maxime Thiebaut for reporting the bug in May. However, […]

2 mins read