Researchers have developed an exploit for a group of vulnerabilities in VMware vRealize Log Insight that can lead to remote code execution as root.
VMware Cloud Foundation is impacted by a remote code execution vulnerability in the XStream open source library.
Attackers used a unique tactic to install backdoors after compromising multiple organizations' VMware ESXi servers.
A researchers has released a proof-of-concept exploit for CVE-2022-31656, a critical authentication bypass in VMware ONE Access.
VMware said it has not observed exploitation of the vulnerability in the wild.