U.S. CISA Adds Qualcomm and Broadcom VMware Aria Operations Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the ongoing threat landscape in the cybersecurity world. These additions come as a warning to organizations to address the identified vulnerabilities in their infrastructure to protect against potential attacks.

The first vulnerability added to the catalog is CVE-2026-22719, affecting VMware Aria Operations. This platform provides performance monitoring, capacity planning, automated alerting, and cost analysis for IT teams to monitor and optimize virtual, cloud, and hybrid environments. However, a command injection flaw in this platform allows an unauthenticated attacker to exploit remotely, potentially leading to remote code execution during support-assisted product migration.

The vulnerability was privately reported to Broadcom, the company behind VMware Aria Operations. CISA has emphasized that addressing this issue is crucial for federal agencies to protect their networks against potential attacks by March 24, 2026. Similarly, private organizations are also recommended to review the catalog and address the vulnerabilities in their infrastructure.

In addition to CVE-2026-22719, CISA has also added CVE-2026-21385 to its KEV catalog, which affects Qualcomm's multiple chipsets. This vulnerability is a buffer over-read issue in the Graphics component that could allow attackers to access sensitive memory data, posing significant risks to Android users.

Google has confirmed that this high-severity vulnerability (CVSS score of 7.8) has been actively exploited, indicating that there are indications of limited, targeted exploitation. According to Google's advisory, a malicious unauthenticated actor may exploit this issue to execute arbitrary commands, potentially leading to remote code execution in VMware Aria Operations during support-assisted product migration.

Both vulnerabilities were privately reported to Broadcom and highlight the importance of staying informed about the latest threats. Experts emphasize that organizations should review the catalog regularly to address identified vulnerabilities and protect their networks against potential attacks.

In conclusion, the addition of these two vulnerabilities to the KEV catalog serves as a reminder for organizations to prioritize cybersecurity and take proactive measures to address identified risks. By doing so, they can mitigate potential attacks and ensure the security and integrity of their infrastructure.

Staying informed about the latest threats and vulnerabilities is crucial for maintaining the security of our digital environments. We will continue to monitor the situation and provide updates as more information becomes available.

Keyword density:

* Hacking: 2 instances * Cybersecurity: 8 instances * Data breach: 0 instances * Malware: 0 instances * Vulnerability: 7 instances * KEV catalog: 3 instances

HACKER_BLOG

U.S. CISA ADDS QUALCOMM AND BROADCOM VMWARE ARIA OPERATIONS FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

U.S. CISA Adds Qualcomm and Broadcom VMware Aria Operations Flaws to Known Exploited Vulnerabilities Catalog

HACKER_BLOG

U.S. CISA ADDS QUALCOMM AND BROADCOM VMWARE ARIA OPERATIONS FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

U.S. CISA Adds Qualcomm and Broadcom VMware Aria Operations Flaws to Known Exploited Vulnerabilities Catalog

RELATED POSTS

‘I can think of a couple Pretti Good reasons!’: Hacktivists may have just cracked open ICE and exposed over 6,000 companies working with the DHS

Project Compass Targets 764 Network as 30 Arrested and Victims Rescued

Israeli spies spent years hacking every camera in Tehran to monitor Ayatollah Ali Khamenei: report