From tenable.com
VMware has issued patches for a critical remote code execution vulnerability in vCenter Server. Organizations are strongly encouraged to apply patches as soon as possible.
Update June 2: The Identifying Affected Systems section has been updated to include audit checks for the workaround.
Update June 4: The Proof of Concept section has been updated to reflect the publication of exploit code and active scanning for vulnerable servers.