Skip to main content
Threat Radar animated logo
DashboardThreatsMapFeedsAPI
reconnecting
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

0
High
Exploitlocal
Published: Tue Sep 30 2025 (09/30/2025, 10:57:00 UTC)
Source: The Hacker News

Description

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions - VMware Cloud Foundation 4.x and 5.x VMware

Technical Details

Article Source
{"url":"https://thehackernews.com/2025/09/urgent-china-linked-hackers-exploit-new.html","fetched":true,"fetchedAt":"2025-10-07T01:05:10.076Z","wordCount":1218}

Threat ID: 68e467476a45552f36e85bfb

Added to database: 10/7/2025, 1:05:11 AM

Last updated: 10/7/2025, 5:28:51 PM

Views: 2

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Related Threats

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

High
ExploitTue Oct 07 2025

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

High
ExploitTue Oct 07 2025

Microsoft and Steam Take Action as Unity Vulnerability Puts Games at Risk

Low
VulnerabilityMon Oct 06 2025

Mbed TLS 3.6.4 - Use-After-Free

Medium
VulnerabilityTue Sep 30 2025

Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege

Medium
VulnerabilityTue Sep 30 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats