VMware Aria Operations flaws could enable remote attacks - Cybernoz - Cybersecurity News

VMware fixes command injection flaw in Aria Operations

VMware has released patches for several high- and medium-risk vulnerabilities that impact its Aria Operations, Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure products. The most serious of these flaws allows unauthenticated attackers to execute arbitrary commands on the underlying OS, while another gives authenticated users the ability to elevate to administrator privileges. The issues — CVE-2026-22719, CVE-2026-22720, and…

VMware Aria Vulnerabilities Expose RCE Risk

Broadcom has disclosed three vulnerabilities in VMware Aria Operations, including one that could allow unauthenticated remote code execution during product migrations.  One of the flaws, CVE-2026-22719, can allow an attacker “… to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” said Broadcom in its advisory. Inside the VMware Aria Vulnerabiliti…

VMware Aria Operations flaws could enable remote attacks - Cybernoz - Cybersecurity News

VMware Aria Operations flaws could enable remote attacks Pierluigi Paganini February 24, 2026 Broadcom patched multiple VMware Aria Operations flaws, including high-severity issues that could enable remote code execution. Broadcom has released security updates to address multiple vulnerabilities affecting VMware Aria Operations. VMware Aria Operations is an IT operations management platform that helps organizations monitor and op…