From thehackernews.com
![Mware RCE Vulnerability](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEj47_HIWfPxH5nbpGcyEGnt-ZPZUblMOdI_XpyXhu1zRF1eYsvMu6GSc6bhTgUCrOaV7L25EjaOR8knwftP2qbqWLuhSYH3bGjzZDAkqyGt6fVZ1W-qfB01o-OHDuHl6PxzYy5egsmKEPRd_76LyJQI61EFr5fbv02-zMWMSxQIWlRXXlm66FG1JuJG/s728-e1000/vmware.jpg)
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems.
Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager.