Security News > 2020 > March > Zoho Working on Patch for Zero-Day Vulnerability in ManageEngine Product

Business tools development company Zoho says it's working on a patch for a zero-day vulnerability affecting its ManageEngine Desktop Central product.
"Since Zoho typically ignores researchers, I figured it was OK to share a ManageEngine Desktop Central zero-day exploit with everyone," Seeley wrote on Twitter.
In response to Seeley's tweet, Zoho said it identified the issue and has started working on a patch "With top priority."
A researcher from Microsoft pointed out that Shodan currently lists over 2,300 internet-exposed instances of ManageEngine Desktop Central, which increases the chances of malicious hackers targeting the vulnerability disclosed by Seeley.
"Administration tools, such as Zoho ManageEngine Desktop Central, make for desirable targets," Rick Holland, CISO and VP of strategy at Digital Shadows, told SecurityWeek.
News URL
Related news
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)