Security authorities and transportation regulators, CISA, have issued key updates affecting both enterprise technology and ride-hailing services, highlighting developments in cybersecurity risk and regulatory approvals in India.
The Cybersecurity and Infrastructure Security Agency has added a vulnerability in VMware Aria Operations to its Known Exploited Vulnerabilities catalog, warning that the flaw is being used in cyberattacks.
The vulnerability, tracked as CVE-2026-22719, was first disclosed on February 24, 2026 as part of the VMSA-2026-0001 advisory issued by Broadcom. The flaw carries a CVSS severity score of 8.1.
VMware Aria Operations is used by organizations to monitor the performance and health of servers, networks and cloud infrastructure.
According to Broadcom, the issue is a command injection vulnerability that allows an unauthenticated attacker to run arbitrary commands on vulnerable systems. The advisory explains, “A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.”
Although CISA has flagged the flaw as actively exploited, Broadcom said it cannot independently confirm the reports. “Broadcom is aware of reports of potential exploitation of CVE-2026-22719 in the wild, but we cannot independently confirm their validity,” the company stated in an advisory update.
Federal civilian agencies in the United States have been directed to fix the issue by March 24, 2026.
Security patches were released on February 24. Broadcom also provided a temporary workaround using a script called aria-ops-rce-workaround.sh, which must be run as root on each appliance node. The script disables parts of the migration process that could be abused during an attack, including removing “/usr/lib/vmware-casa/migration/vmware-casa-migration-service.sh” and the sudoers entry allowing vmware-casa-workflow.sh to run without a password.
Separately, Uber has received a renewed transport aggregator licence from the Karnataka State Transport Authority.
The licence allows Uber to operate cars and autorickshaws in the state and is valid for 5 years from 31 December 2021 to 30 December 2026 under the Karnataka On-Demand Transportation Technology Aggregators Rules, 2016.
An Uber spokesperson said, “We are pleased to receive our transport aggregator licence in Karnataka, a state that has been one of Uber’s most important markets in India. This licence reflects our continued commitment to serving riders and drivers across the state.”
The approval ends a long period of regulatory uncertainty. The licences of Ola and Uber had expired in June 2021 and December 2021 respectively. Authorities earlier cited non-compliance with renewal requirements and objections to operational rules such as setting up a toll-free helpline.
The companies had continued operating due to a court order preventing authorities from taking “any coercive action” while the dispute was under review.
Under the renewed licence issued under Section 93 of the Motor Vehicles Act, Uber must meet several requirements. These include minimum fleet thresholds, a control room in Bengaluru, GPS and panic-button features, police verification of drivers, adherence to government-set fares and a grievance redressal system.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
