Mass scanning and exploit attempts are targeting the VMware vCenter vulnerability (CVE-2021-21985) are ongoing, with thousands of unpatched servers still online.
VmWare has released updates for a critical flaw in several versions of its vCenter Server virtualization product that can be used for remote code execution.
The NSA warned that Russian state attackers are targeting a recent VMware vulnerability, which NSA discovered and disclosed.
A critical command injection vulnerability (CVE-2020-4006) with no fix available has been discovered in VMware Workspace One.
The VMware vCenter Server vulnerability (CVE-2020-3952) patched last week can lead to an authentication bypass as well as information disclosure.