"A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. CISA added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, instructing federal agencies to address it by March 24."
"Broadcom is aware of reports of potential exploitation of CVE-2026-22719 in the wild, but we cannot independently confirm their validity. It's unclear whether exploitation of the vulnerability started after a patch was released or CVE-2026-22719 was exploited as a zero-day."
CVE-2026-22719 is a high-severity command injection vulnerability affecting VMware Aria Operations that allows unauthenticated attackers to execute arbitrary commands and achieve remote code execution during product migration. Broadcom released patches on February 24, and CISA added the vulnerability to its Known Exploited Vulnerabilities catalog, requiring federal agencies to remediate by March 24. While Broadcom acknowledges reports of potential in-the-wild exploitation, the company cannot independently confirm their validity. The timeline of exploitation relative to patch release remains unclear, and no public details describe actual attacks. Broadcom's prompt advisory update demonstrates improved security communication practices.
#vmware-aria-operations #command-injection-vulnerability #remote-code-execution #in-the-wild-exploitation #cisa-kev-catalog
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]