Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies