VMware Aria Operations
By the Year
In 2026 there have been 3 vulnerabilities in VMware Aria Operations with an average score of 7.4 out of ten. Last year, in 2025, Aria Operations had 4 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Aria Operations in 2026 could surpass last year's number. The average CVE base score of the vulnerabilities in 2026 is also greater, by 1.03.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 7.43 |
| 2025 | 4 | 6.40 |
| 2024 | 6 | 6.48 |
| 2023 | 5 | 7.22 |
| 2022 | 1 | 4.90 |
It may take a day or so for new Aria Operations vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent VMware Aria Operations Security Vulnerabilities
Privilege Escalation in VMware Aria Ops via vCenter Access
CVE-2026-22721
6.2 - Medium
- February 25, 2026
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in VMSA-2026-0001 (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947).
Improper Privilege Management
VMware Aria Ops XS: Privileged XSS for Admin Actions
CVE-2026-22720
8 - High
- February 25, 2026
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of VMSA-2026-0001 (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947).
XSS
VMware Aria Ops cmd injection leads to RCE during migration
CVE-2026-22719
8.1 - High
- February 25, 2026
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947) in VMSA-2026-0001. Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the 'Response Matrix' (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947) in VMSA-2026-0001.
Command Injection
VMware Aria Ops Cred Disclosure via Info Leak
CVE-2025-41245
4.9 - Medium
- September 29, 2025
VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.
Insecure Default Initialization of Resource
VMware Aria Ops/Tools LPE via SDMP (VMware vSphere)
CVE-2025-41244
7.8 - High
- September 29, 2025
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
Privilege Defined With Unsafe Actions
VMware Aria Ops LPE to root on appliance
CVE-2025-22231
- April 01, 2025
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations.
VMware Aria Ops Info Disclosure via Outbound Plugin Credential Leak
CVE-2025-22222
6.5 - Medium
- January 30, 2025
VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.
Stored XSS in VMware Aria Ops via View Editing
CVE-2024-38832
6.4 - Medium
- November 26, 2024
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
VMware Aria Ops LPE via Properties File
CVE-2024-38831
7.8 - High
- November 26, 2024
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.
VMware Aria Operations Local Privilege Escalation to Root on Appliance
CVE-2024-38830
7.8 - High
- November 26, 2024
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.
CVE-2024-38833: Stored XSS via Email Templates in VMware Aria Ops
CVE-2024-38833
5.4 - Medium
- November 26, 2024
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
VMware Aria Ops: Stored XSS via Editing Access
CVE-2024-38834
4.8 - Medium
- November 26, 2024
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
VMware Aria Ops LPE: Admin Can Escalate to root
CVE-2024-22235
6.7 - Medium
- February 21, 2024
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
VMware Aria Operations: LPE via admin escalation to root
CVE-2023-34043
6.7 - Medium
- September 27, 2023
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
Improper Privilege Management
VMware Aria Ops: Privileges Escal to root via Local Admin
CVE-2023-20880
6.7 - Medium
- May 12, 2023
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
VMware Aria Ops LPE: Admin-user Escalates to Root OS
CVE-2023-20879
6.7 - Medium
- May 12, 2023
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
VMware Aria Ops: Deserialization Exec with Admin Privs - CVE-2023-20878
CVE-2023-20878
7.2 - High
- May 12, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
Marshaling, Unmarshaling
VMware Aria Ops PrivEsc via ReadOnly Code Exec
CVE-2023-20877
8.8 - High
- May 12, 2023
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
VMware Aria Ops arbitrary file read via auth bypass
CVE-2022-31682
4.9 - Medium
- October 11, 2022
VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data.