TLP Rating: Clear
CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provide the following advisory.
On June 22nd, 2023, VMware released a security update to address multiple corruption vulnerabilities. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.
What is it?
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
What should I do to stay safe?
CERT Vanuatu encourages users and administrators to review VMware Security Advisory VMSA-2023-0014 and apply the necessary updates.
References
- https://www.vmware.com/security/advisories/VMSA-2023-0014.html
- https://www.cisa.gov/news-events/alerts/2023/06/23/vmware-releases-securityupdate-vcenter-server-and-cloud-foundation
- Download advisory (English): VMware Releases Security Update for vCenter Server and Cloud Foundation
- Download advisory (French): VMware publie une mise à jour de sécurité pour vCenter Server et Cloud Foundation
- Download advisory (Bislama): VMware’ i Rilisim Sekuriti Apdeit blong vCenter Server mo Cloud Foundation