Detections
Analytics

VMware Aria Operations 8.x < 8.18.5 Multiple Vulnerabilities (VMSA-2025-0015)

high Nessus Plugin ID 266419

Language:

Synopsis

VMware Aria Operations running on the remote host is affected by multiple vulnerabilities.

Description

The version of VMware Aria Operations (formerly vRealize Operations) running on the remote host is 8.x prior to 8.18.5.
It is, therefore, affected by multiple vulnerabilities as disclosed in the VMSA-2025-0015 advisory:

 - VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. (CVE-2025-41244)

 - VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations. (CVE-2025-41245)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to VMware Aria Operations version 8.18.5 or later.

See Also

http://www.nessus.org/u?c5f718a1

Plugin Details

Severity: High

ID: 266419

File Name: vmware_aria_operations_VMSA-2025-0015.nasl

Version: 1.2

Type: remote

Family: Misc.

Published: 10/2/2025

Updated: 10/30/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-41244

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vrealize_operations

Required KB Items: installed_sw/vRealize Operations Manager

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/29/2025

Vulnerability Publication Date: 9/29/2025

CISA Known Exploited Vulnerability Due Dates: 11/20/2025

Reference Information

CVE: CVE-2025-41244, CVE-2025-41245

IAVA: 2025-A-0712

VMSA: 2025-0015