Security News > 2021 > December > Zoho: Patch new ManageEngine bug exploited in attacks ASAP
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version.
Zoho's ManageEngine Desktop Central is a management platform that helps admins deploy patches and software automatically over the network and troubleshoot them remotely.
A quick search using Shodan has revealed over 3,200 ManageEngine Desktop Central instances running on various ports and exposed to attacks.
This is not the first time Zoho ManageEngine servers have been targeted in attacks recently.
More recently, between August and October 2021, Zoho ManageEngine products have been targeted by state hackers using tactics and tooling similar to those used by Chinese-backed hacking group APT27.
A Zoho spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today about the CVE-2021-44515 Desktop Central authentication bypass vulnerability being exploited in the wild.
News URL
Related news
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-12 | CVE-2021-44515 | Unspecified vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. | 9.8 |