好的,我现在需要帮用户总结一篇文章的内容,控制在100字以内。首先,我得仔细阅读文章,抓住主要信息。 文章讲的是VMware Aria Operations的一个漏洞CVE-2026-22719被CISA加入已知被利用的漏洞目录。这个漏洞是命令注入类型,允许未认证的攻击者执行任意命令,可能导致远程代码执行。Broadcom警告说这个漏洞可能被利用,但无法独立确认。VMware已经在2月24日发布了补丁,并提供了一个临时脚本作为缓解措施。CISA要求联邦机构在3月24日前修复。 接下来,我需要把这些关键点浓缩成100字以内的中文摘要。要确保包含漏洞名称、类型、影响、发布日期、补丁情况以及CISA的要求。 最后,检查一下字数是否符合要求,语言是否简洁明了。 </think> 美国网络安全和基础设施安全局(CISA)将VMware Aria Operations的一个命令注入漏洞(CVE-2026-22719)加入其已知被利用的漏洞目录。该漏洞允许未认证攻击者执行任意命令,可能导致远程代码执行。Broadcom警告称该漏洞可能被利用但无法独立确认。VMware于2月24日发布补丁,并提供临时脚本缓解风险。CISA要求联邦机构在3月24日前修复此漏洞。 2026-3-3 23:45:17 Author: www.bleepingcomputer.com(查看原文) 阅读量:18 收藏
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.
Broadcom also warned that it is aware of reports indicating the vulnerability is exploited but says it cannot independently confirm the claims.
VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure.
The vulnerability was originally disclosed and patched on February 24, 2026, as part of VMware's VMSA-2026-0001 advisory, which was rated Important with a CVSS score of 8.1.
The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the US cyber agency requiring federal civilian agencies to address the issue by March 24, 2026.
In a recent update to the advisory, Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims.
"Broadcom is aware of reports of potential exploitation of CVE-2026-22719 in the wild, but we cannot independently confirm their validity," states the updated advisory.
At this time, no technical details about how the flaw may be exploited have been publicly disclosed.
BleepingComputer contacted Broadcom with questions regarding the reported activity, but has not received a response.
The command injection flaw
According to Broadcom, CVE-2026-22719 is a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands on vulnerable systems.
"A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains.
Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately.
The mitigation is a shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node.
The script disables components of the migration process that could be abused during exploitation, including removing the "/usr/lib/vmware-casa/migration/vmware-casa-migration-service.sh" and the following sudoers entry that allows vmware-casa-workflow.sh to run as root without a password:
NOPASSWD: /usr/lib/vmware-casa/bin/vmware-casa-workflow.shAdmins are advised to apply available VMware Aria Operations security patches or implement workarounds as soon as possible, especially if the flaw is being actively exploited in attacks.
Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
如有侵权请联系:admin#unsafe.sh