- Mar 13, 2022
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems.
Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Identity Manager.
Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Code Impact' Backdoor
Iranian-linked Rocket Kitten hackers have been exploiting the recently disclosed remote code execution vulnerability in VMware.