Security
Exploited RCE Vulnerability in VMware Aria Operations Identified by CISA
The Cybersecurity and Infrastructure Security Agency (CISA) in the United States recently added a vulnerability in VMware Aria Operations, identified as CVE-2026-22719, to its list of Known Exploited Vulnerabilities. This flaw has been flagged as being actively exploited in attacks.
Although Broadcom has acknowledged reports suggesting exploitation of the vulnerability, it has stated that it is unable to independently verify these claims.
VMware Aria Operations serves as an enterprise monitoring platform designed to assist organizations in monitoring the performance and health of servers, networks, and cloud infrastructure.
The vulnerability associated with CVE-2026-22719 was initially disclosed and addressed on February 24, 2026, as part of VMware’s VMSA-2026-0001 advisory, which was classified as Important with a CVSS score of 8.1.
The CISA has now included this vulnerability in its Known Exploited Vulnerabilities catalog, mandating that federal civilian agencies address the issue by March 24, 2026.
In an update to the advisory, Broadcom mentioned its awareness of reports indicating the exploitation of the vulnerability in attacks but expressed its inability to confirm these reports independently.
As of now, no specific technical details regarding how the flaw may be exploited have been publicly disclosed.
When contacted by BleepingComputer for clarification on the reported activity, Broadcom did not provide a response.
The Nature of the Vulnerability
According to Broadcom, CVE-2026-22719 represents a command injection vulnerability that allows unauthorized attackers to execute arbitrary commands on vulnerable systems.
“A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,” explained the advisory.
On February 24, Broadcom released security patches and offered a temporary workaround for organizations that were unable to immediately apply the patches.
The temporary solution comes in the form of a shell script named “aria-ops-rce-workaround.sh,” which needs to be executed as root on each Aria Operations appliance node.
The script disables certain components of the migration process that could be exploited, including the removal of “/usr/lib/vmware-casa/migration/vmware-casa-migration-service.sh” and a sudoers entry that allows vmware-casa-workflow.sh to run as root without a password.
NOPASSWD: /usr/lib/vmware-casa/bin/vmware-casa-workflow.sh
Administrators are strongly advised to promptly apply available VMware Aria Operations security patches or implement workarounds, especially if there is evidence of active exploitation of the vulnerability in attacks.
Malicious software is becoming increasingly sophisticated. The Red Report 2026 delves into how new threats leverage mathematical techniques to evade sandboxes and remain undetected.
Access our analysis of 1.1 million malicious samples to uncover the top 10 techniques and assess the effectiveness of your security measures.
Revving Up: Searching for CarExpert.co.nz’s Top Presenter and Reviewer
Advancing Military Technology: Inside the EU’s Innovation Strategy
Exploited RCE Vulnerability in VMware Aria Operations Identified by CISA
Verminsteel: The Furry Fighting Revolution
Unveiling the OnePlus 15T: Enhanced Periscope Camera and Sleek Bezels
The Pricing Paradox: Discrepancies in AI Startup Equity Sales
Smart Luggage Tracking: Android’s Find Hub Revolutionizes Travel Technology
Samsung’s Latest Galaxy Watch to Feature Snapdragon Wear Elite Chip Technology
Exploring the Impact of Apple on User Experience
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook and Instagram to Reduce Personalized Ads for European Users
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Breaking Updates: Meta Connect 2025 Unveils Latest Developments
Dear Apple.
22 NIGHTMARE Tech FAILS they want us to forget.
Do NOT buy the Freedom Phone!! 🤬
Nothing Ear 1 Review – The Problem with Hype.
Calyx OS – The next big Android Competitor!?
24 HOTTEST Inventions that will change your Life.
Galaxy Z Fold 3 – What was Samsung Thinking!?
Why Samsung is losing to Xiaomi.
I bought the CHEAPEST Tech in the World 🌍
-
Facebook4 months agoEU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
-
Facebook5 months agoWarning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
-
Facebook5 months agoFacebook Compliance: ICE-tracking Page Removed After US Government Intervention
-
Facebook5 months agoInstaDub: Meta’s AI Translation Tool for Instagram Videos
-
Facebook3 months agoFacebook’s New Look: A Blend of Instagram’s Style
-
Facebook3 months agoFacebook and Instagram to Reduce Personalized Ads for European Users
-
Facebook3 months agoReclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
-
Apple4 months agoMeta discontinues Messenger apps for Windows and macOS
