Critical Security Flaw Discovered in VMware Aria Operations

Broadcom has issued a warning regarding a significant security vulnerability found in VMware Aria Operations, which could allow malicious actors to escalate their privileges within the system. This issue, identified as a local privilege escalation vulnerability, poses a high risk to users of the software.

The company explained that the flaw, cataloged under CVE-2025-22231, has a CVSS score of 7.8, indicating its severe nature. Despite the gravity of the situation, Broadcom has not provided specific details on the nature of potential attacks or how administrators can detect attempts to exploit this vulnerability.

Currently, there are no temporary mitigation measures available. Fortunately, there have been no reports of this vulnerability being actively exploited by cybercriminals as of now.

This security weakness affects VMware Aria Operations version 8.x, with the patch available in version 8.18 HF 5. Additionally, for users of VMware Cloud Foundation versions 4.cx and 5.x, a knowledge base article has been released to guide them on addressing the issue. Users of the VMware Telco Cloud Platform and Infrastructure, irrespective of whether they are operating versions 2.x, 3.x, 4.x, or 5.x, are also advised to apply the update to version 8.18 HF 5 to close this security hole.

The update is accessible on a dedicated download page from Broadcom, which also notes that the update addresses other bugs and patches additional vulnerabilities, including several in third-party components such as 7-Zip, Bash, the GNU C Library, RPM, and XZ Utils. It is essential for administrators to implement this update promptly to ensure their systems remain secure.

This warning follows a recent alert from Broadcom regarding a critical vulnerability in VMware ESXi, Fusion, and Workstation, which had already been exploited in the wild by attackers.