#vmware-aria-operations

[ follow ]
#remote-code-execution #cisa-kev-catalog #command-injection-vulnerability #in-the-wild-exploitation
fromSecurityWeek
2 weeks ago

VMware Aria Operations Vulnerability Exploited in the Wild

A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. CISA added CVE-2026-22719 to its Known Exploited Vulnerabilities (KEV) catalog on Tuesday, instructing federal agencies to address it by March 24.
Information security
Information security
fromThe Hacker News
2 weeks ago

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA added CVE-2026-22719, a high-severity command injection vulnerability in Broadcom VMware Aria Operations, to its Known Exploited Vulnerabilities catalog due to active exploitation in the wild.
Information security
fromSecurityWeek
5 months ago

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

CVE-2025-41244 enables privilege escalation to root on VMs with VMware Tools and Aria Operations (SDMP enabled) and has been exploited since October 2024.
[ Load more ]