- Your iPad is getting a major upgrade for free. 4 top features I can't wait to try in iPadOS 26
- Your MacBook is getting a big upgrade. 5 best features I can't wait to use in MacOS 26
- The Growing Threat of AI-powered Cyberattacks in 2025
- I test tablets for a living and this is the Samsung tablet I recommend the most
- The Cost of Ignoring Patches: How State and Local Governments Can Mitigate Damaging Security Breaches
VMware offers fixes to severe vulnerabilities in VMware Aria
A similar bug (CVE-2025-22222), in the sense that it requires low privilege for exploitation, is affecting VMware Aria Operations, responsible for infrastructure monitoring, performance optimization, capacity planning, automation, and cost management, and has been assigned a CVSS 7.7/10 rating.
“A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known,” Broadcom added in the advisory.
The flaws reportedly impact VMware Aria operations for Logs version 8.x, VMware Aria Operations version 8.x, and VCF versions 5.x and 4.x. They have been fixed in VMware Aria Operations v8.18.3 and VMware Aria Operations for Logs v8.18.3, while users are advised to follow KB92148 for fixing affected VCF environments.
