During vulnerability scan we see OpenSSL is detected in VMware Tools. In the latest version from March 7th this is still version 3.0.7.

The file in question is ..\VMware\VMware Tools\VMware VGAuth\libssl-3-x64.dll

CVE-2023-0401 (https://www.cve.org/CVERecord?id=CVE-2023-0401) speaks of a vulnerability in versions older than 3.0.8.
So it loojks to us that VMware Tools is vulnerable.

Can someone confirm and/or provide more information about this?