VMware Aria Vulnerabilities Expose RCE Risk | eSecurity Planet

vm_admin
VMware Aria Vulnerabilities Expose RCE Risk | eSecurity Planet

eSecurity Planet content and product recommendations are
editorially independent. We may make money when you click on links
to our partners.
Learn More

Broadcom has disclosed three vulnerabilities in VMware Aria Operations, including one that could allow unauthenticated remote code execution during product migrations. 

One of the flaws, CVE-2026-22719, can allow an attacker “… to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” said Broadcom in its advisory.

Inside the VMware Aria Vulnerabilities

VMware Aria Operations functions as a central management plane for VMware Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure, delivering visibility into performance, capacity, and configuration across hybrid and virtualized environments. 

Because it integrates closely with vCenter and other core systems, a compromise could expose…

Related Posts

Government of Monaco Adopts a VMware Sovereign Cloud to Enhance Data Security, Confidentiality and Digital Impact for the Principality, its Citizens, and Businesses
Government of Monaco Adopts a VMware Sovereign Cloud to Enhance Data Security, Confidentiality and Digital Impact for the Principality, its Citizens, and Businesses

State AlabamaAlaskaArizonaArkansasCaliforniaColoradoConnecticutDelawareFloridaGeorgiaHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMaineMarylandMassachusettsMichiganMinnesotaMississippiMissouriMontanaNebraskaNevadaNew HampshireNew JerseyNew MexicoNew YorkNorth CarolinaNorth DakotaOhioOklahomaOregonPennsylvaniaRhode IslandSouth CarolinaSouth DakotaTennesseeTexas