CISA Identifies Actively Exploited Critical VMware vCenter Server Vulnerability, Orders Federal Agencies to Patch Within Three Weeks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in VMware vCenter Server that is being actively exploited and has mandated American federal agencies to secure their servers within a three-week deadline. This remote code execution (RCE) flaw allows attackers to execute code remotely on affected systems. The vulnerability has been added to CISA's Known Exploited Vulnerabilities Catalog, requiring federal agencies to apply available patches before the set deadline.