Alert

CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

Last Revised

CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators of compromise and detection signatures, as well as tactics, techniques, and procedures reported by trusted third parties.

CISA encourages organizations to review the latest update to AA22-138B and update impacted VMware products to the latest version or remove impacted versions from organizational networks. 

This product is provided subject to this Notification and this Privacy & Use policy.