VmWare has released updates for a critical flaw in several versions of its vCenter Server virtualization product that can be used for remote code execution.
The NSA warned that Russian state attackers are targeting a recent VMware vulnerability, which NSA discovered and disclosed.
A critical command injection vulnerability (CVE-2020-4006) with no fix available has been discovered in VMware Workspace One.
The VMware vCenter Server vulnerability (CVE-2020-3952) patched last week can lead to an authentication bypass as well as information disclosure.