I’ve been getting notifications from vulnerability evaluation vendors as well as customers about this threat. Its a real threat for those using VMware and should be taken seriously. A summary is for the following …
“These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021,” the Computer Emergency Response Team (CERT) of France said in an advisory on Friday.
Later this updated was posted …
OVHcloud, over the weekend, confirmed that the ransomware attacks leveraged a vulnerability in OpenSLP as an initial compromise vector. The company, however, said it cannot confirm if it entailed the abuse of CVE-2021-21974 at this stage. It also backtracked on initial findings that suggested a plausible link to Nevada ransomware.
See details on this threat via thehackernews post found HERE.