The NSA warned that Russian state attackers are targeting a recent VMware vulnerability, which NSA discovered and disclosed.
A critical command injection vulnerability (CVE-2020-4006) with no fix available has been discovered in VMware Workspace One.
The VMware vCenter Server vulnerability (CVE-2020-3952) patched last week can lead to an authentication bypass as well as information disclosure.