Enterprise technology vendor VMware on Thursday shipped patches for at least five security defects in its Aria Operations and Aria Operations for Logs products, warning that hackers could exploit these issues to gain admin access.
According to a ‘high-risk’ bulletin from VMware, the two most serious issues (CVE-2025-22218 and CVE-2025-22222) are information disclosure bugs that allow a user to elevate access rights.
The company called special attention to CVE-2025-22218 (CVSS severity score 8.5/10), which affects the enterprise-facing Aria Operations for Logs product. VMware said a user with ‘View Only Admin’ permissions could access credentials for an integrated VMware product.
The second information disclosure issue, which affects Aria Operations, allows a user with non-administrative privileges to retrieve credentials for an outbound plugin if a valid service credential ID is known.
The company also flagged multiple moderate-severity issues that allow stored cross-site scripting (XSS) attacks in which non-admin users can inject a malicious script that executes as an admin, potentially allowing unauthorized actions.
VMware also patched a broken access control vulnerability in Aria Operations for Logs that can be exploited by a non-admin user with network access to the API to perform operations as an admin.
The company cautioned that there are no pre-patch workarounds for these vulnerabilities, meaning patching is required to mitigate the risks. The company released fixes in Aria Operations for Logs 8.18.3 and Aria Operations 8.18.3.
It is not uncommon for threat actors to exploit VMware product vulnerabilities in their attacks, including flaws in Aria Operations.