https://community.isc2.org/t5/Threats/Known-VMware-Vulnerability-is-Under-Active-Exploitation/m-p/66499#M1046 Vendor has patched even old product chaps and chapettes!<BR /><BR />Patch or have you IP stolen and turned into advantage by your state sponsored competitors…<BR /><BR /> Wed, 24 Jan 2024 10:04:53 GMT Early_Adopter 2024-01-24T10:04:53Z https://community.isc2.org/t5/Threats/Known-VMware-Vulnerability-is-Under-Active-Exploitation/m-p/66485#M1043 <P>Dear All,</P><P>&nbsp;</P><P>Researchers at Mandiant and VMware Product Security have observed state-sponsored threat actors exploiting a known vulnerability in VMware vCenter Server. The out-of-bounds write issue was disclosed and patched in October 2023. VMware determined that the vulnerability was severe enough to merit releasing fixes for products that had reached end-of-life.</P><P><BR /><A href="https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-vmware-bug-as-zero-day-for-two-years/?is=12aceb95f78a59af1317cc4ec15f6e06e7c0e0bd3d6a9255b9e44810d70dbba5" target="_blank">Chinese hackers exploit VMware bug as zero-day for two years (bleepingcomputer.com)</A></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 24 Jan 2024 02:09:12 GMT https://community.isc2.org/t5/Threats/Known-VMware-Vulnerability-is-Under-Active-Exploitation/m-p/66485#M1043 Kyaw_Myo_Oo 2024-01-24T02:09:12Z https://community.isc2.org/t5/Threats/Known-VMware-Vulnerability-is-Under-Active-Exploitation/m-p/66499#M1046 Vendor has patched even old product chaps and chapettes!<BR /><BR />Patch or have you IP stolen and turned into advantage by your state sponsored competitors…<BR /><BR /> Wed, 24 Jan 2024 10:04:53 GMT https://community.isc2.org/t5/Threats/Known-VMware-Vulnerability-is-Under-Active-Exploitation/m-p/66499#M1046 Early_Adopter 2024-01-24T10:04:53Z