#vmware-aria-operations

[ follow ]
#remote-code-execution #cisa-kev-catalog #command-injection-vulnerability #in-the-wild-exploitation
fromSecurityWeek
10 hours ago

VMware Aria Operations Vulnerability Exploited in the Wild

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. CISA added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, instructing federal agencies to address it by March 24.
Information security
Information security
fromThe Hacker News
12 hours ago

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA added CVE-2026-22719, a high-severity command injection vulnerability in Broadcom VMware Aria Operations, to its Known Exploited Vulnerabilities catalog due to active exploitation in the wild.
Information security
fromSecurityWeek
5 months ago

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

CVE-2025-41244 enables privilege escalation to root on VMs with VMware Tools and Aria Operations (SDMP enabled) and has been exploited since October 2024.
[ Load more ]