{"id":219696,"date":"2026-03-03T23:35:00","date_gmt":"2026-03-04T04:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/cisa-adds-actively-exploited-vmware-aria-operations-flaw-cve-2026-22719-to-kev-catalog\/"},"modified":"2026-03-04T06:40:13","modified_gmt":"2026-03-04T11:40:13","slug":"cisa-adds-actively-exploited-vmware-aria-operations-flaw-cve-2026-22719-to-kev-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/cisa-adds-actively-exploited-vmware-aria-operations-flaw-cve-2026-22719-to-kev-catalog\/","title":{"rendered":"CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/cisa-adds-actively-exploited-vmware.html\">CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/cisa-adds-actively-exploited-vmware.html\">https:\/\/thehackernews.com\/2026\/03\/cisa-adds-actively-exploited-vmware.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-03 23:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Mar 04, 2026<\/span><\/span><span class=\"p-tags\">Vulnerability \/ Enterprise Security<\/span><\/p>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.<\/p>\n<p>The high-severity vulnerability, <strong>CVE-2026-22719<\/strong> (CVSS score: 8.1), has been described as a case of command injection that could allow an unauthenticated attacker to execute arbitrary commands.<\/p>\n<p>&#8220;A malicious unauthenticated actor may exploit this issue to execute arbitrary commands, which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress,&#8221; the company said in an advisory released late last month.<\/p>\n<p>The shortcoming was addressed, along withCVE-2026-22720, a stored cross-site scripting vulnerability, and CVE-2026-22721, a privilege escalation vulnerability that could result in administrative access. It impacts the following products &#8211;<\/p>\n<ul>\n<li>VMware Cloud Foundation and VMware vSphere Foundation 9.x.x.x &#8211; Fixed in 9.0.2.0<\/li>\n<li>VMware Aria Operations 8.x &#8211; Fixed in 8.18.6<\/li>\n<\/ul>\n<p>Customers who cannot apply the patch immediately can download and run a shell script (&#8220;aria-ops-rce-workaround.sh&#8221;) as root from each Aria Operations Virtual Appliance node.<\/p>\n<p>There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.<\/p>\n<p>&#8220;Broadcom is aware of reports of potential exploitation of CVE-2026-22719 in the wild, but we cannot independently confirm their validity,&#8221; the company noted in an update to its bulletin.<\/p>\n<p>In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are required to apply the fixes by March 24, 2026.<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/cisa-adds-actively-exploited-vmware.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog https:\/\/thehackernews.com\/2026\/03\/cisa-adds-actively-exploited-vmware.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":219697,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjwSnIflppBRH5X_FxN5pZcibA3-KyhW9iDiNGlD76L9B8dFwzLtP5i7FHFzf73XpTAhCLtmQn0JD_fUqgXceUlrCwPgJqbmlkPXi2e_IDggrIHDyJ5HoDzr191LxAbe08arokXZ4FXH5k9NxErepVgiaEkGVfWDWQ2ZWJ8h3mGjySQ-QqTzo02oBdh01Up\/s1600\/vmware.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-219696","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219696"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=219696"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219696\/revisions"}],"predecessor-version":[{"id":219698,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219696\/revisions\/219698"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/219697"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=219696"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=219696"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=219696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}