CISA Adds Actively Exploited VMware Aria Operations Flaws to KEV Catalog

  • Mar 4

Key Findings


  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:

  • CVE-2026-22719 (CVSS 8.1) - Broadcom VMware Aria Operations Command Injection Vulnerability

  • CVE-2026-21385 (CVSS 7.8) - Qualcomm Multiple Chipsets Memory Corruption Vulnerability


Background


  • The Broadcom vulnerability is a command injection flaw that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to remote code execution.

  • The Qualcomm vulnerability is a buffer over-read in the Graphics component that could allow attackers to access sensitive memory data, affecting Android devices.

  • Both vulnerabilities have been reported as actively exploited in the wild.


VMware Aria Operations Vulnerability (CVE-2026-22719)


  • The vulnerability affects VMware Cloud Foundation, VMware vSphere Foundation, and VMware Aria Operations products.

  • Broadcom released security updates to address the flaw, along with two other vulnerabilities (CVE-2026-22720 and CVE-2026-22721).

  • Customers who cannot immediately apply the patch can use a provided shell script to mitigate the issue.


Qualcomm Android Vulnerability (CVE-2026-21385)


  • The vulnerability affects multiple Qualcomm chipsets used in Android devices.

  • Google has confirmed that the flaw is under limited, targeted exploitation.

  • The vulnerability could allow attackers to access sensitive memory data, posing a risk to Android users.


CISA Action and Guidance


  • CISA has added these vulnerabilities to its KEV catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to address them by March 24, 2026.

  • Private organizations are also advised to review the KEV catalog and address the identified vulnerabilities to protect their networks.


Sources


  • https://thehackernews.com/2026/03/cisa-adds-actively-exploited-vmware.html

  • https://securityaffairs.com/188887/security/u-s-cisa-adds-qualcomm-and-broadcom-vmware-aria-operations-flaws-to-its-known-exploited-vulnerabilities-catalog.html

  • https://x.com/shah_sheikh/status/2029072248603357583/photo/1

  • https://x.com/Dinosn/status/2029078595587416203

  • https://windowsforum.com/threads/cisa-adds-qualcomm-android-and-vmware-aria-flaws-to-kev-catalog-patch-now.403868/?amp=1
