Vmware Tools vulnerabilities

3 known vulnerabilities affecting vmware/vmware_tools.

Total CVEs

3

CISA KEV

1

actively exploited

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2025-41244HIGHCVSS 7.8KEV≥ 13.x.x.x, < 13.0.5.0≥ 12.5.x, < 12.5.42025-09-29

CVE-2025-41244 [HIGH] CWE-267 VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246) VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with V

CVE-2018-6969HIGHCVSS 7.0v10.x and prior before 10.3.02018-07-13

CVE-2018-6969 [HIGH] CWE-125 CVE-2018-6969: VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Su VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.

CVE-2015-5191MEDIUMCVSS 6.7vVMware Tools prior to 10.0.92017-07-28

CVE-2015-5191 [MEDIUM] CWE-362 CVE-2015-5191: VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H