CVE-2025-22215 – VMware Aria Automation Vulnerability

Severity

Medium

Analysis Summary

CVE-2025-22215

VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2025-22215

Affected Vendors

VMWare

Affected Products

VMware Aria Automation

Remediation

Refer to VMware Website for patch, upgrade, or suggested workaround information.

VMware Website

Multiple Apple Products Vulnerabilities

Multiple Intel Products Vulnerabilities

CVE-2025-22215 – VMware Aria Automation Vulnerability

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan