Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Ubuntu 25.04: Critical Privilege Escalation in Open VM Tools USN-7785-1

ubuntu
Calendar Grey September 29, 2025
Scroller Ubuntu
Open VM Tools flaw enables admin program execution, risking privilege escalation across Ubuntu releases. Update recommended.
Open VM Tools could be made to run programs as an administrator.

Summary

Open VM Tools could be made to run programs as an administrator.

Software Description:

- open-vm-tools: Open VMware Tools for virtual machines hosted on VMware

Details:

It was discovered that Open VM Tools incorrectly handled permissions with

version checking. An attacker could possibly use this issue to escalate

privileges inside a virtual machine.

This update disables the SDMP get-versions.sh script, so version

information may no longer be made available.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  open-vm-tools                   2:12.5.0-1ubuntu0.2

Ubuntu 24.04 LTS
  open-vm-tools                   2:12.5.0-1~ubuntu0.24.04.2

Ubuntu 22.04 LTS
  open-vm-tools                   2:12.3.5-3~ubuntu0.22.04.3

Ubuntu 20.04 LTS
  open-vm-tools                   2:11.3.0-2ubuntu0~ubuntu20.04.8+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7785-1

CVE-2025-41244

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7785-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.