A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.