vulnerability

VMware VMware Tools: CVE-2025-41246: VMware Tools improper authorisation vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:A/AC:M/Au:M/C:C/I:C/A:C)	Sep 29, 2025	Sep 30, 2025	Oct 30, 2025

Severity

CVSS

(AV:A/AC:M/Au:M/C:C/I:C/A:C)

Published

Sep 29, 2025

Added

Sep 30, 2025

Modified

Oct 30, 2025

Description

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.6.

Solution

vmware-tools-upgrade-latest

References

URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149
CVE-2025-41246
https://attackerkb.com/topics/CVE-2025-41246
CWE-863

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today