The day after fixes were released for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible systems. If the vulnerable software can be accessed from the Internet, an external attacker can penetrate the company’s external perimeter and gain access to sensitive data. A workaround is available, but it is meant only as a temporary solution until the updates can be deployed. Several PoC exploit scripts have already popped up on GitHub. A quarter of the publicly accessible systems are located in the United States.
Source: https://www.helpnetsecurity.com/2021/02/25/cve-2021-21972/

