Several vulnerabilities have been patched in VMware products.

Broadcom released patches for six vulnerabilities affecting VMware products, including four rated high-severity. One major flaw allows local privilege escalation to root on virtual machines using VMware Tools managed by Aria Operations. Other issues include credential disclosure, guest VM access, SMTP header injection, and username enumeration vulnerabilities in NSX and vCenter. While no active exploitation has been reported, users are strongly advised to update to the latest versions to secure their systems.

Read more:

https://www.securityweek.com/high-severity-vulnerabilities-patched-in-vmware-aria-operations-nsx-vcenter/