VMware Aria Operations Remote Code Execution Vulnerability Exposed


Critical Vulnerability in VMware Aria Operations Patched by Broadcom

Broadcom has patched a critical vulnerability in VMware Aria Operations that could have allowed an attacker to execute arbitrary code remotely.

Vulnerability Details

The vulnerability, tracked as CVE-2026-22719, has a CVSS score of 8.1 and can be exploited by an unauthenticated attacker.

According to Broadcom’s advisory, the issue arises from a command injection flaw that can be leveraged during support-assisted product migration.

Impact and Patches

When exploited, the vulnerability can lead to remote code execution in VMware Aria Operations. Broadcom has released patches for the issue, which are included in version 9.0.2.0 of VMware Cloud Foundation and VMware vSphere Foundation, as well as version 8.18.6 of Aria Operations.

Additional Vulnerabilities Patched

In addition to CVE-2026-22719, Broadcom has also patched two other vulnerabilities in Aria Operations. One of these is a stored cross-site scripting (XSS) flaw, tracked as CVE-2026-22720, which has a CVSS score of 8.0.

This vulnerability can be exploited by an attacker with permission to create custom benchmarks, allowing them to inject scripts and perform administrative actions.

The third vulnerability, tracked as CVE-2026-22721, is a medium-severity privilege escalation issue that can be exploited to obtain administrative access.

Recommendation

Broadcom’s advisory does not indicate whether any of these vulnerabilities have been exploited in the wild. However, it is not uncommon for threat actors to target VMware product vulnerabilities, and Broadcom has been known to omit warnings of in-the-wild exploitation from its initial advisories.

The patches for these vulnerabilities are available in the latest updates for Aria Operations, and users are advised to apply them as soon as possible to prevent potential exploitation.


