VMware has updated its security bulletin to warn that older versions have a serious vRealize security issue and that hackers exploit the vulnerability. Users are advised to install the patch immediately.
The updated bulletin confirms that hackers have already attacked the vulnerability. VMware released the patch two weeks ago, and cybersecurity firm GreyNoise also issued an alert on June 15, urging users to upgrade as soon as possible.
GreyNoise CEO Andrew Morris has also alerted VMware administrators to this malicious activity, providing specific tags to help track IP addresses that have attempted to exploit the CVE-2023-20887 vulnerability.