FBI and CISA warn of state hackers exploiting critical Zoho bug
The FBI, CISA, and the Coast Guard Cyber Command today warned that state-backed advanced persistent threat groups are likely among those exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.
The vulnerability tracked as CVE-2021-40539 was found in the Zoho ManageEngine ADSelfService Plus software, and it allows attackers to take over vulnerable systems following successful exploitation.
This joint security advisory follows a previous warning issued by CISA last week, which also alerted to in-the-wild CVE-2021-40539 attacks that could allow threat actors to execute malicious code remotely on compromised systems.
"The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software," the joint advisory warns.
APT groups behind these attacks have targeted an extensive array of sectors from academic institutions and defense contractors to critical infrastructure entities.
On September 6, Zoho released Zoho ManageEngine ADSelfService Plus build 6114, which patches the CVE-2021-40539 vulnerability.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-07 | CVE-2021-40539 | Use of Incorrectly-Resolved Name or Reference vulnerability in Zohocorp ManageEngine ADSelfService Plus. Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. | 9.8 |