Overview/Introduction
On 24 February 2026 Broadcom released an urgent security advisory that patches three high-severity flaws affecting VMware Aria Operations and the broader VMware Cloud Foundation (VCF) stack. The vulnerabilities (CVE-2026-22719, CVE-2026-22720, and CVE-2026-22721) span the classic attack spectrum: unauthenticated remote code execution via command injection, a stored cross-site scripting (XSS) vector, and a privilege-escalation path that can elevate a compromised account to full administrator rights. While no active exploitation has been reported in the wild, the history of VMware product abuse by nation-state actors makes rapid remediation essential.
Technical Details
CVE-2026-22719 - Unauthenticated Command Injection
CVSS v3.1: 8.1 (High)
This flaw resides in the migration-assistant component that runs when a customer initiates a support-assisted product migration. An attacker can send a specially crafted HTTP request to the /migration/execute endpoint, injecting arbitrary shell commands into the cmd parameter. Because the service runs with root privileges on the underlying OS, successful exploitation results in remote code execution (RCE) on the host running Aria Operations.
Key characteristics:
- No authentication required - the endpoint is exposed on the management network during migration windows.
- Exploitation is limited to the migration phase, reducing the attack surface when the feature is disabled.
- Impact is OS-level code execution, enabling attackers to install backdoors, exfiltrate data, or pivot to other VMs.
CVE-2026-22720 - Stored Cross-Site Scripting (XSS)
CVSS v3.1: 8.0 (High)
Aria Operations allows privileged users to create custom benchmarks for performance monitoring. The benchmark creation UI fails to properly sanitise user-supplied JavaScript in the description and script fields. An attacker with the "Create Custom Benchmark" permission can embed malicious scripts that persist in the database. When any admin later views the benchmark list, the script executes in the context of the admin’s browser session, granting the attacker the ability to perform actions such as:
- Harvesting authentication cookies.
- Issuing API calls to modify configuration.
- Launching CSRF attacks against other VMware services.
Because the payload is stored, the attack survives restarts and can be leveraged in a multi-step intrusion chain.
CVE-2026-22721 - Privilege Escalation
CVSS v3.1: 6.2 (Medium)
This issue is a logic flaw in the role-mapping module that synchronises vCenter permissions with Aria Operations. An attacker who already possesses limited vCenter rights (e.g., read-only access to certain inventory objects) can manipulate the roleAssignment API to inject a crafted JSON payload that grants the "Administrator" role within Aria Operations. The escalation does not require additional authentication and works across all supported releases (8.18.6, 5.2.3, 9.0.2).
Impact Analysis
The three flaws collectively jeopardise the confidentiality, integrity, and availability of the entire VMware management stack:
- Unauthenticated RCE (CVE-2026-22719): Direct compromise of the host OS, potential takeover of the entire private-cloud environment.
- Stored XSS (CVE-2026-22720): Lateral movement from a low-privilege user to an admin, enabling stealthy persistence.
- Privilege escalation (CVE-2026-22721): Converts any foothold in vCenter into full Aria Operations control.
All products that embed Aria Operations (VMware Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure) inherit these risks. Enterprises that rely on these solutions for multi-cloud monitoring, capacity planning, and compliance reporting are especially exposed.
Timeline of Events
- 15 February 2026: Broadcom receives private disclosures of the three vulnerabilities from an independent researcher.
- 22 February 2026: Broadcom coordinates with VMware to develop patches and drafts the advisory.
- 24 February 2026: Public advisory and patches released. Versions affected: Aria Operations 8.18.6, Cloud Foundation 5.2.3 and 9.0.2, Telco Cloud Platform/Infrastructure (same underlying version).
- 28 February 2026 - present: No confirmed in-the-wild exploitation, but several MSSPs report spikes in migration-assistant traffic.
Mitigation/Recommendations
Given the high CVSS scores and the potential for rapid lateral movement, organisations should adopt a multi-layered response:
- Patch immediately: Apply the bundled updates for Aria Operations 8.18.6, VCF 5.2.3/9.0.2, and any Telco Cloud components. Verify patch integrity via VMware’s SHA-256 hashes.
- Disable migration-assistant when not in use: Turn off the support-assisted migration feature in production environments to eliminate the CVE-2026-22719 attack surface.
- Review benchmark permissions: Restrict the "Create Custom Benchmark" role to a minimal set of trusted administrators. Audit existing benchmarks for suspicious scripts.
- Enforce least-privilege on vCenter: Re-evaluate read-only or limited roles that could be leveraged for CVE-2026-22721. Use role-based access control (RBAC) and MFA for all vCenter accounts.
- Network segmentation: Isolate management networks from production workloads. Apply strict firewall rules to the /migration API endpoint.
- Log and monitor: Enable detailed logging for Aria Operations API calls, especially the /migration/execute and /benchmark endpoints. Correlate with SIEM alerts for command-injection patterns (e.g., presence of semicolons, pipe characters).
- Incident response preparation: Draft a playbook for RCE containment that includes host isolation, forensic imaging, and credential rotation.
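The "log and monitor" recommendation above, as an added detection example that is not part of the advisory or of any VMware tooling. It assumes a combined-format web access log and the /migration/execute (with its cmd parameter) and /benchmark endpoints named in the advisory; the log lines are constructed, and the "migration window" flag reflects the advisory's note that the endpoint should only be reachable during support-assisted migrations.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Combined-format access log line (assumed layout; the real Aria log format is not in the advisory).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Shell metacharacters: the semicolon and pipe the advisory names, plus the usual neighbours.
SHELL_META_RE = re.compile(r"[;|&`\n]|\$\(")
WATCHED = ("/migration/execute", "/benchmark")  # endpoints named in the advisory


def classify(line, migration_window_open=True):
    """Return (severity, reason) for one log line, or None if it needs no attention."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.startswith(WATCHED):
        return None
    ip = m.group("ip")
    if url.path.startswith("/migration/execute"):
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("cmd", []):
            # parse_qs already decoded once; unquote again to catch double-encoded values.
            if SHELL_META_RE.search(unquote(value)):
                return ("high", f"shell metacharacter in cmd parameter from {ip}")
        if not migration_window_open:
            # The endpoint should only be reachable during a migration window.
            return ("medium", f"migration-assistant call outside a migration window from {ip}")
        return ("info", f"migration-assistant call from {ip}")
    return ("info", f"benchmark API call from {ip} ({m.group('method')})")


def scan(lines, migration_window_open=True):
    """Scan log lines; return [(line_no, severity, reason)] for every flagged line."""
    hits = []
    for n, line in enumerate(lines, 1):
        result = classify(line, migration_window_open)
        if result:
            hits.append((n, *result))
    return hits


# Constructed sample lines for a stand-alone run; not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [28/Feb/2026:10:01:02 +0000] "GET /ui/dashboard HTTP/1.1" 200 512',
    '10.0.0.9 - - [28/Feb/2026:10:02:15 +0000] "POST /migration/execute?cmd=precheck HTTP/1.1" 200 88',
    '203.0.113.7 - - [28/Feb/2026:10:03:40 +0000] "POST /migration/execute?cmd=precheck%3Bid HTTP/1.1" 200 91',
    '10.0.0.9 - - [28/Feb/2026:10:04:01 +0000] "POST /benchmark HTTP/1.1" 201 40',
]

if __name__ == "__main__":
    for line_no, severity, reason in scan(SAMPLE_LOG, migration_window_open=False):
        print(f"line {line_no}: [{severity}] {reason}")
```

Feed the real access log through scan() with migration_window_open set from the change calendar; "high" hits are the SIEM correlation candidates the advisory describes, and "medium" hits show the endpoint being reached when no migration is scheduled.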
Real-World Impact
Enterprises that run hybrid-cloud workloads on VMware often treat Aria Operations as the single pane of glass for performance, capacity, and cost analytics. A breach of this component can give attackers visibility into every virtual machine, storage asset, and network interface across the data centre. In a telco environment, where the Telco Cloud Platform orchestrates network functions virtualisation (NFV) workloads, the stakes are even higher: compromising Aria Operations could enable manipulation of virtualised base-band functions, potentially disrupting live services and violating regulatory compliance (e.g., GDPR, FCC).
Beyond direct impact, the stored XSS vector provides a stealthy foothold that can evade traditional endpoint detection. An attacker could embed a benign-looking benchmark that silently exfiltrates admin credentials over weeks, later using the escalated privileges to install ransomware or cryptominers on the underlying ESXi hosts.
Expert Opinion
From a strategic perspective, these three bugs underscore a recurring theme in modern cloud-native management stacks: the convergence of UI-driven configurability and deep system privileges creates a fertile attack surface. While VMware has historically been diligent about patching, the fact that a command-injection flaw still exists in a migration-assistant component suggests that operational tooling often receives less rigorous code review than core hypervisor components.
For CISOs, the immediate takeaway is to treat management-plane software with the same criticality as the workloads it monitors. Deploying a zero-trust model for internal APIs, enforcing MFA for all admin accounts, and regularly scanning for insecure custom scripts should become baseline controls. Moreover, organisations should consider a dedicated "management-plane hardening" audit, covering not just patch status but also configuration hygiene (e.g., disabling unused features, tightening RBAC).
Looking ahead, I anticipate that threat actors will start weaponising the migration-assistant endpoint in targeted campaigns, especially against organisations that run frequent version upgrades or cloud-to-cloud migrations. The stored XSS vector, while less flashy than RCE, offers a persistent foothold that aligns with advanced persistent threat (APT) tactics. As such, continuous monitoring and threat-intel integration are essential to detect early indicators of compromise.
In short, the rapid release of patches is welcome, but the real defense lies in a disciplined operational posture that treats management services as a high-value attack vector rather than a peripheral convenience.