7 Severe Vulnerabilities Patched in VMware Avi Load Balancer

7 Severe Vulnerabilities Patched in VMware Avi Load Balancer
Broadcom has released VMware Avi Load Balancer updates to fix seven serious vulnerabilities, including a critical authentication bypass that could let an attacker breach the Avi control plane. The flaws were reported by Filip Waeytens of NATO’s technology and cyber hub and Lang Khuong Duy of Viettel IDC, and Broadcom says there is no evidence of in-the-wild exploitation yet. #VMwareAviLoadBalancer #Broadcom #FilipWaeytens #ViettelIDC #CV E-2026-47865 #CV E-2026-47866 #CV E-2026-47867 #CV E-2026-47868 #CV E-2026-47869 #CV E-2026-47870 #CV E-2026-47871

Keypoints

  • Broadcom patched seven critical and high-severity VMware Avi Load Balancer vulnerabilities.
  • CVE-2026-47865 is a critical authentication bypass that can expose the Avi control plane.
  • Three high-severity flaws can enable authentication bypass, arbitrary code execution, and root privilege escalation.
  • Two additional bugs enable directory traversal and privilege escalation.
  • Broadcom has not seen in-the-wild exploitation, but organizations should update immediately.

Read More: https://www.securityweek.com/7-severe-vulnerabilities-patched-in-vmware-avi-load-balancer/