VMware fixes command injection flaw in Aria Operations

Summary

VMware has released patches for high- and medium-risk vulnerabilities affecting Aria Operations, Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure products. The most serious flaw, CVE-2026-22719, allows unauthenticated attackers to execute arbitrary commands, while CVE-2026-22720 allows authenticated users to elevate privileges via stored XSS.

IFF Assessment

FOE

The article describes vulnerabilities that could be exploited by attackers to gain unauthorized access and execute commands.

Severity

8.0 High

Defender Context

Defenders need to prioritize patching VMware Aria Operations and related products to address the command injection and privilege escalation vulnerabilities. Given past exploitation of similar flaws, organizations should closely monitor their systems for suspicious activity, particularly during support-assisted product migrations and around user roles with custom benchmark creation permissions. Virtualization infrastructure is a known target.
