High-Severity Vulnerabilities in VMware Aria Operations Could Allow Remote Code Execution (RCE)

117/69 Thursday, February 25, 2026

Broadcom has issued a security advisory and released patches to address multiple vulnerabilities in VMware Aria Operations, including a high-severity flaw that could lead to remote code execution. The most critical issue, CVE-2026-22719 (CVSS 8.1), is a Command Injection vulnerability. An unauthenticated attacker could exploit this flaw to execute arbitrary commands remotely during the product migration process, particularly when the migration is being performed with assistance from support services.

Another high-severity vulnerability, CVE-2026-22720 (CVSS 8.0), is classified as a Stored Cross-Site Scripting (XSS) issue. It allows an attacker with permissions to create Custom Benchmarks to inject malicious scripts that could execute with administrative-level privileges. In addition, CVE-2026-22721 is a medium-severity Privilege Escalation vulnerability that could enable attackers to gain administrative access.

Although Broadcom stated that there is currently no evidence of in-the-wild exploitation, VMware products are frequently targeted by threat actors. Administrators are strongly advised to update to the latest patched versions (Aria Operations 8.18.6, or update via VMware Cloud/vSphere Foundation 9.0.2.0) to mitigate potential risks and strengthen the security posture of their infrastructure.

Source: https://www.securityweek.com/vmware-aria-operations-vulnerability-could-allow-remote-code-execution/