The National Computer Emergency Response Team (NCERT) has issued an urgent warning about multiple high-severity security flaws affecting key VMware products used across enterprise and telecom networks.
According to the advisory, these vulnerabilities impact VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Infrastructure, and VMware NSX, posing a serious risk to both enterprise and cloud infrastructures.
The security flaws, identified as CVE-2025-41244 and CVE-2025-41246, carry severity scores between 7.6 and 7.8 on the CVSS scale. They allow attackers to escalate privileges, bypass authorization, and potentially execute remote code, putting sensitive systems and data at risk.
Exploited by Hackers
NCERT confirmed that the vulnerabilities have already been exploited in the wild, with evidence suggesting involvement of state-sponsored threat actors. Successful attacks could lead to full system compromise, unauthorized data access,…
