September 29, 2021
Trend Micro announced the release of patches for a critical authentication bypass vulnerability in ServerProtect (CVE-2021-36745), which could be exploited to completely bypass authentication.
A complete working exploit for the previously reported remote code execution vulnerability in VMware vCenter (CVE-2021-22005) is now being actively exploited in the wild.
Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux to address a use-after-free zero-day in the Portals API (CVE-2021-37973) which has been actively exploited in the wild.
Trend Micro has released Build 9645 which contains accumulated critical fixes and product enhancements for its flagship enterprise solution Apex One.
As many as 70 Hikvision device models are vulnerable to a critical remote unauthenticated code execution vulnerability (CVE-2021-36260).
VMware has released a security bulletin warning pertaining to as many as 19 vulnerabilities in vCenter Server and Cloud Foundation appliances which can be exploited to gain access.