
CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability
2021-09-08 22:45

The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday issued a bulletin warning of a zero-day flaw affecting Zoho ManageEngine ADSelfService Plus deployments that is currently being actively exploited in the wild.

ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps; it lets admins enforce two-factor authentication for application logins and lets users reset their own passwords.

"CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system," CISA said, urging companies to apply the latest security update to their ManageEngine servers and "Ensure ADSelfService Plus is not directly accessible from the internet."

In an independent advisory, Zoho cautioned that it's a "Critical issue" and that it's "Noticing indications of this vulnerability being exploited."

CVE-2021-40539 is the fifth security weakness disclosed in ManageEngine ADSelfService Plus since the start of the year, three of which - CVE-2021-37421, CVE-2021-37417, and CVE-2021-33055 - were addressed in recent updates.

This development also marks the second time a flaw in Zoho enterprise products has been actively exploited in real-world attacks.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/faDFTzIbhfQ/cisa-warns-of-actively-exploited-zoho.html

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE
2021-09-07  CVE-2021-40539  Use of Incorrectly-Resolved Name or Reference vulnerability in Zohocorp Manageengine Adselfservice Plus
            Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
            Risk: attack vector network | low complexity | vendor zohocorp | CWE-706 | severity critical | CVSS 9.8

2021-08-30  CVE-2021-37421  Insufficient Verification of Data Authenticity vulnerability in Zohocorp Manageengine Adselfservice Plus
            Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass.
            Risk: attack vector network | low complexity | vendor zohocorp | CWE-345 | severity critical | CVSS 9.8

2021-08-30  CVE-2021-37417  Improper Authentication vulnerability in Zohocorp Manageengine Adselfservice Plus
            Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation.
            Risk: attack vector network | low complexity | vendor zohocorp | CWE-287 | severity critical | CVSS 9.8

2021-08-30  CVE-2021-33055  OS Command Injection vulnerability in Zohocorp Manageengine Adselfservice Plus
            Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions.
            Risk: attack vector network | low complexity | vendor zohocorp | CWE-78 | severity critical | CVSS 9.8

Related vendor

VENDOR        LAST 12M  #/PRODUCTS  LOW  MEDIUM  HIGH  CRITICAL  TOTAL VULNS
Manageengine  9         0           3    4       3     10
Zoho          5         0           3    5       0     8