A new security advisory, VMSA-2021-0010, has been issued on vCenter Server 6.5, 6.7, and 7.0. This needs your immediate attention if you are using vCenter server. There is a remote code execution vulnerability in the vSAN plugin. This vulnerability can be used by anyone who can reach vCenter servers over the network to gain access. The course forward will depend on where you are in the upgrade process, if you use vSAN, and if you have other security controls.”]
Source: https://blogs.vmware.com/vsphere/2021/05/vmsa-2021-0010.html