On May 18, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive (ED) (ED 22-03) that requires federal agencies to apply VMware updates or remove specific VMware products from use until protective updates can be applied. The products possess four possible exploitable vulnerabilities that would allow cyber marauders to execute remote code on a system without authentication and to elevate network access privileges.
“For all affected VMware products identified as being accessible from the internet, agencies are directed to assume a compromise and immediately disconnect the product from their network and conduct threat hunt activities,” CISA stated.