This warning may appear after installing patches contained in release ESXi650-201808001 (14 Aug 2018) and you have not updated your vCenter Server. After upgrade of vCenter Server you will see a following warning – “This host is potentially vulnerable to issues described in CVE-2018-3646, please refer to https://kb.vmware.com/s/article/55636 for details and VMware recommendations.”
The correct order to apply these patches is:
1) vCenter patches
2) ESXi patches
3) Evaluate and set “VMkernel.Boot.hyperthreadingMitigation” to “true” if you want to enable the patch.
Some more links to check: KB55806