CISA has closed ED 22-03 and transitioned required actions for VMware vulnerabilities (CVE-2022-22954 and CVE-2022-22960) to CISA’s BOD 22-01: Reducing the