CISA flags active exploits in XWiki and VMware products.

CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog, citing active exploitation. The XWiki flaw allows unauthenticated remote code execution and has been used to deploy cryptocurrency miners. The VMware bug enables local privilege escalation and has been targeted by suspected Chinese threat actors for a year. Broadcom recently acknowledged in-the-wild exploitation after initially omitting it from its advisory.

Read more:

https://www.securityweek.com/cisa-adds-exploited-xwiki-vmware-flaws-to-kev-catalog/