Security News > 2021 > September > FBI and CISA warn of state hackers exploiting critical Zoho bug
The FBI, CISA, and the Coast Guard Cyber Command today warned that state-backed advanced persistent threat groups are likely among those exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.
The vulnerability tracked as CVE-2021-40539 was found in the Zoho ManageEngine ADSelfService Plus software, and it allows attackers to take over vulnerable systems following successful exploitation.
This joint security advisory follows a previous warning issued by CISA last week, also alerting of CVE-2021-40539 in the wild attacks that could allow threat actors to execute malicious code remotely on compromised systems.
"The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software," the joint advisory warns.
APT groups behind these attacks have targeted an extensive array of sectors from academic institutions and defense contractors to critical infrastructure entities.
Zoho has released Zoho ManageEngine ADSelfService Plus build 6114, which patches the CVE-2021-40539 vulnerability on September 6.
News URL
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Hackers exploit critical bug in Array Networks SSL VPN products (source)
- CISA, FBI Issue Guidance for Securing Communications Infrastructure (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-07 | CVE-2021-40539 | Use of Incorrectly-Resolved Name or Reference vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. | 9.8 |