What's Happening?
Broadcom has released patches for several vulnerabilities in VMware Aria Operations, the most serious of which is a critical command injection flaw tracked as CVE-2026-22719. The flaw carries a CVSS score of 8.1 and allows an unauthenticated attacker to execute arbitrary commands, which can lead to remote code execution; it is reachable during support-assisted product migration. Broadcom also patched a stored cross-site scripting (XSS) flaw, CVE-2026-22720 (CVSS 8.0), which could let an attacker who already holds certain permissions inject malicious scripts that carry out administrative actions, and a medium-severity privilege escalation issue, CVE-2026-22721. The fixes are included in the latest versions of VMware Cloud Foundation and VMware vSphere Foundation, as well as in Aria Operations itself.
Why Is It Important?
Aria Operations is a monitoring and management platform that sits close to the core of a VMware environment and holds credentials for the vCenter and cloud endpoints it collects data from. An unauthenticated command injection on such an appliance is therefore more than a single-host problem: an attacker who gains code execution on it can use that position to reach the wider virtualization estate, leading to data theft, service disruption or persistent access. The stored XSS and privilege escalation flaws are less severe on their own because they require an account with some level of access, but chained with a low-privileged foothold they allow an attacker to escalate into administrative actions. Timely patching is the only complete fix; organizations that leave these versions exposed should expect them to be targeted.
What's Next?
Organizations running VMware Aria Operations should prioritize applying the updates and then verify that the installed version matches the fixed build listed in Broadcom's advisory, rather than assuming the upgrade completed. Until the patch is in place, limiting network access to the Aria Operations management interface to administrative networks reduces the exposure of the unauthenticated command injection. Because the XSS and privilege escalation issues require an account with particular permissions, reviewing which users and service accounts hold those roles is a worthwhile check alongside the upgrade. Security teams should also watch the appliance for signs of exploitation, such as unexpected command execution, new or unusual administrative sessions, or changes to migration-related settings. Broadcom's advisory did not mention any in-the-wild exploitation at the time of publication, but given how frequently VMware product vulnerabilities have been targeted by threat actors once details become public, organizations should not delay in securing their systems.