11thestate

$AVGO: Broadcom Patches VMware Zero-Day Exploited by Chinese Hackers — $102.5M Settlement Lingers


Court: N.D. California

Case: 5:20-cv-02182

Broadcom (AVGO) has released critical patches for a high-severity VMware zero-day (CVE-2025-41244) that had been actively exploited by the Chinese state-linked group UNC5174 since late 2024. The flaw, affecting VMware Aria Operations and VMware Tools, allowed attackers to escalate privileges to root by staging malicious binaries in vulnerable directories. VMware Tools 12.5.4 (Windows) and updated Linux packages have been issued to close the gap. While the rapid fix shows Broadcom’s urgency in protecting VMware assets, the company remains shadowed by a $102.5M securities settlement related to past sales backlog disclosures.

Key Highlights

  • CVE-2025-41244 patched after confirmed in-the-wild exploitation.
  • UNC5174, a Chinese state-sponsored actor, linked to attacks on government and commercial entities.
  • Fixes rolled out in VMware Tools 12.5.4 (Windows) and open-vm-tools for Linux.
  • Incident underscores VMware’s critical role in enterprise infrastructure.
  • $102.5M securities settlement tied to misleading sales backlog disclosures weighs on outlook.

But Legal Settlement Still Weighs

Timeline Overview

  • Aug 23, 2018 — Class period begins; VMware issues strong revenue commentary.
  • 2019–2020 — Decreases in sales backlog disclosures raise red flags.
  • Feb 27, 2020 — Class period ends as stock declines on reduced backlog.
  • Oct 4, 2024 — $102.5M settlement agreement announced.
  • Mar 31, 2025 — Fairness hearing scheduled in N.D. California.

Allegations Include

  • Misrepresenting unfilled orders and sales backlog visibility.
  • Omitting risks tied to delayed recognition of revenue.
  • Artificially inflating share price with misleading financial statements.
  • Violations of Exchange Act §10(b) and Rule 10b-5.

Investor Update

The $102.5M cash settlement offers compensation but leaves residual governance concerns. While Broadcom actively shores up VMware’s cybersecurity defenses, investors remain cautious as past disclosure practices and ongoing oversight risk weigh against operational progress.
