VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.