Security News > 2023 > January > Critical ManageEngine RCE bug now exploited to open reverse shells
A critical remote code execution vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks.
While investigating attacks that led to the compromise of some of its customers' ManageEngine instances, Rapid7 also observed post-exploitation activity.
CISA and the FBI have previously issued joint advisories to warn of state-backed threat actors exploiting ManageEngine flaws to drop web shells on the networks of organizations from multiple critical infrastructure sectors, including healthcare and financial services.
Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now.
Exploit released for critical ManageEngine RCE bug, patch now.
Zoho urges admins to patch severe ManageEngine bug immediately.
News URL
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version (source)
- Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE (source)