The National Security Agency says Russian state-sponsored threat actors are exploiting a recently patched vulnerability to steal sensitive information after deploying web shells on vulnerable servers. The vulnerability was initially rated as a critical severity vulnerability but VMware has lowered its maximum severity rating to ‘Important’ after releasing a patch and sharing that exploitation requires a “valid password for the configurator admin account”” The NSA also refrained from providing further information about the start date of these attacks saying it “”does not publicly share details on victims of foreign malicious cyber activity”””
Source: https://www.bleepingcomputer.com/news/security/nsa-russian-state-hackers-exploit-new-vmware-vulnerability-to-steal-data/