VMware has announced a critical security issue VMSA-2025-0006, a high-severity vulnerability affecting Aria Operations. This vulnerability, CVE-2025-22231, enables attackers with local access to escalate privileges to root level, potentially resulting in full system control. This may lead to unauthorized data access, service disruptions, or further network compromise. Important to note is that exploitation requires existing local administrative access. Targeted systems include VMware Aria Operations, Cloud Foundation, and Telco Cloud platforms. While patches are available, unpatched systems are still at risk. The flaw’s discovery was credited to researchers from MoyunSec Vlab.
Source: https://cybersecuritynews.com/vmware-aria-operations-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/vmware
"id": "vmw806040125",
"linkid": "vmware",
"type": "Vulnerability",
"date": "4/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Technology',
'name': 'VMware',
'type': 'Organization'}],
'attack_vector': 'Local Access',
'description': 'VMware has announced a critical security issue '
'VMSA-2025-0006, a high-severity vulnerability affecting Aria '
'Operations. This vulnerability, CVE-2025-22231, enables '
'attackers with local access to escalate privileges to root '
'level, potentially resulting in full system control. This may '
'lead to unauthorized data access, service disruptions, or '
'further network compromise. Important to note is that '
'exploitation requires existing local administrative access. '
'Targeted systems include VMware Aria Operations, Cloud '
'Foundation, and Telco Cloud platforms. While patches are '
'available, unpatched systems are still at risk. The flaw’s '
'discovery was credited to researchers from MoyunSec Vlab.',
'impact': {'data_compromised': 'Potential unauthorized data access',
'downtime': 'Potential service disruptions',
'systems_affected': ['VMware Aria Operations',
'Cloud Foundation',
'Telco Cloud platforms']},
'motivation': 'Privilege Escalation',
'references': [{'source': 'VMware'}],
'response': {'remediation_measures': 'Patches available'},
'title': 'VMware VMSA-2025-0006 Privilege Escalation Vulnerability',
'type': 'Vulnerability',
'vulnerability_exploited': 'CVE-2025-22231'}