Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions - VMware Cloud Foundation 4.x and 5.x VMware
Technical Details
- Article Source: https://thehackernews.com/2025/09/urgent-china-linked-hackers-exploit-new.html (fetched 2025-10-07T01:05:10.076Z, word count 1218)
Threat ID: 68e467476a45552f36e85bfb
Added to database: 10/7/2025, 1:05:11 AM
Last updated: 2/2/2026, 8:23:49 PM