VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.