VMSA-2026-0001: VMware Aria Operations updates address multiple vulnerabilities (CVE-2026-22719, CVE-2026-22720 and CVE-2026-22721)
| Advisory ID: | VMSA-2026-0001 |
| Advisory Severity: | Important |
| CVSSv3 Range: | 6.2 - 8.1 |
| Synopsis: | VMware Aria Operations updates address multiple vulnerabilities (CVE-2026-22719, CVE-2026-22720 and CVE-2026-22721) |
| Issue date: | 2026-02-24 |
| Updated on: | 2026-02-24 (Initial Advisory) |
| CVE(s) | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 |
1. Impacted Products
- VMware Aria Operations
- VMware Cloud Foundation
- VMware Telco Cloud Platform
- VMware Telco Cloud Infrastructure
2. Introduction
Multiple vulnerabilities in VMware Aria Operations were privately reported to Broadcom. Patches and workarounds are available to remediate or work around these vulnerabilities in affected Broadcom products.
3a. VMware Aria Operations command injection vulnerability (CVE-2026-22719)
Description:
VMware Aria Operations contains a command injection vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
Known Attack Vectors:
A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.
Resolution:
To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the 'Response Matrix' below.
Additional Documentation:
None.
Acknowledgements:
This issue was privately reported to us.
Notes:
None.
3b. VMware Aria Operations stored cross site scripting vulnerability (CVE-2026-22720)
Description:
VMware Aria Operations contains a stored cross-site scripting vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.0.
Known Attack Vectors:
A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.
Resolution:
To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgements:
Broadcom would like to thank Tobias Anders, Deutsche Telekom Security GmbH for reporting this issue to us.
Notes:
None.
3c. VMware Aria Operations privilege escalation vulnerability (CVE-2026-22721)
Description:
VMware Aria Operations contains a privilege escalation vulnerability. Broadcom has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.2.
Known Attack Vectors:
A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations.
Resolution:
To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgements:
Broadcom would like to thank Sven Nobis of ERNW Enno Rey Netzwerke GmbH and Lorin Lehawany of ERNW Enno Rey Netzwerke GmbH for reporting this issue to us.
Notes:
None.
Response Matrix:
| Product | Component | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workaround | Additional Documents |
| VMware Cloud Foundation, VMware vSphere Foundation | VMware Cloud Foundation Operations | 9.x.x.x | Any | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 | 8.1, 8.0, 6.2 | Important | | KB430349(CVE-2026-22719) | None |
| VMware Aria Operations | N/A | 8.x | Any | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 | 8.1, 8.0, 6.2 | Important | 8.18.6 | KB430349(CVE-2026-22719) | None |
| VMware Cloud Foundation | VMware Aria Operations | 5.x, 4.x | Any | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 | 8.1, 8.0, 6.2 | Important | KB92148 | KB430349(CVE-2026-22719) | None |
| VMware Telco Cloud Platform | VMware Aria Operations | 5.x, 4.x | Any | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 | 8.1, 8.0, 6.2 | Important | KB428241 | KB430349(CVE-2026-22719) | None |
| VMware Telco Cloud Infrastructure | VMware Aria Operations | 3.x, 2.x | Any | CVE-2026-22719, CVE-2026-22720, CVE-2026-22721 | 8.1, 8.0, 6.2 | Important | KB428241 | KB430349(CVE-2026-22719) | None |
4. References:
Fixed Version(s) and Release Notes:
VMware Cloud Foundation Operations 9.0.2.0
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/release-notes/vmware-cloud-foundation-9-0-2-release-notes.html
https://support.broadcom.com/group/ecx/productfiles?displayGroup=VMware%20Cloud%20Foundation%209&release=9.0.2.0&os=&servicePk=537791&language=EN&groupId=537705&viewGroup=true
VMware vSphere Foundation 9.0.2.0-VCF Operations
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-9-0-and-later/9-0/release-notes/vmware-cloud-foundation-9-0-2-release-notes.html
https://support.broadcom.com/group/ecx/productfiles?displayGroup=VMware%20vSphere%20Foundation%209&release=9.0.2.0&os=&servicePk=537838&language=EN&groupId=537705&viewGroup=true
VMware Aria Operations 8.18.6
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-operations/8-18/vmware-aria-operations-8186-release-notes.html
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Aria%20Operations&displayGroup=VMware%20Aria%20Operations&release=8.18.6&os=&servicePk=539057&language=EN
Mitre CVE Dictionary Links:
https://www.cve.org/CVERecord?id=CVE-2026-22719
https://www.cve.org/CVERecord?id=CVE-2026-22720
https://www.cve.org/CVERecord?id=CVE-2026-22721
FIRST CVSSv3 Calculator:
CVE-2026-22719: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2026-22720: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CVE-2026-22721: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
5. Change Log:
2026-02-24: VMSA-2026-0001
Initial security advisory.
6. Contact:
E-mail: [email protected]
PGP key
https://knowledge.broadcom.com/external/article/321551
VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories
VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response
VMware Lifecycle Support Phases
https://support.broadcom.com/group/ecx/productlifecycle
VMware Security Blog
https://blogs.vmware.com/security
X
https://x.com/VMwareSRC