US Cybersecurity Adds Exploited VMware Aria Operations To KEV Catalog (thehackernews.com)
(Thursday March 05, 2026 @05:00AM (BeauHD)
from the PSA dept.)
- Reference: 0180907356
- News link: https://it.slashdot.org/story/26/03/04/2314224/us-cybersecurity-adds-exploited-vmware-aria-operations-to-kev-catalog
- Source link: https://thehackernews.com/2026/03/cisa-adds-actively-exploited-vmware.html
[1]joshuark writes:
> The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has [2]added a VMware Aria Operations vulnerability tracked as [3]CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, [4]flagging the flaw as exploited in attacks . VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure. The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the U.S. cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.
>
> "A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains. Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately. The mitigation is a [5]shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.
[1] https://slashdot.org/~joshuark
[2] https://www.cisa.gov/news-events/alerts/2026/03/03/cisa-adds-two-known-exploited-vulnerabilities-catalog
[3] https://www.cve.org/CVERecord?id=CVE-2026-22719
[4] https://thehackernews.com/2026/03/cisa-adds-actively-exploited-vmware.html
[5] https://knowledge.broadcom.com/external/article/430349
> The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has [2]added a VMware Aria Operations vulnerability tracked as [3]CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, [4]flagging the flaw as exploited in attacks . VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure. The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the U.S. cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.
>
> "A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains. Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately. The mitigation is a [5]shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.
[1] https://slashdot.org/~joshuark
[2] https://www.cisa.gov/news-events/alerts/2026/03/03/cisa-adds-two-known-exploited-vulnerabilities-catalog
[3] https://www.cve.org/CVERecord?id=CVE-2026-22719
[4] https://thehackernews.com/2026/03/cisa-adds-actively-exploited-vmware.html
[5] https://knowledge.broadcom.com/external/article/430349
AI health monitor suffers health problems /s (Score:2)
ClippyAI: “VMware Aria Operations (formerly known as vRealize Operations or vROps) is a unified, AI-powered IT operations management platform designed for monitoring, analyzing, and optimizing IT environments across private, hybrid, and multi-cloud setups.”
“It provides full-stack visibility into applications, infrastructure, and platform services, helping organizations achieve consistent operations, proactive issue resolution, and efficient resource management.”