Security News

Business software provider Zoho has urged customers to patch a critical security flaw affecting multiple ManageEngine products."We identified a SQL injection vulnerability in our internal framework that would grant all [.] users unauthenticated access to the backend database," Zoho said.

Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog. 3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.

The U.S. Cybersecurity and Infrastructure Security Agency on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency said in a notice.

The US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog. CVE-2022-35405 is a remote code execution vulnerability that can be exploited to execute arbitrary code on affected installations of Password Manager Pro and PAM360 without prior authentication, and on Access Manager Plus with prior authentication.

The Cybersecurity and Infrastructure Security Agency has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild."The exploit POC for the above vulnerability is available in public," ManageEngine warned customers in July when it issued security patches to address this issue.

Security researchers have published technical details and proof-of-concept exploit code for CVE-2022-28219, a critical vulnerability in the Zoho ManageEngine ADAudit Plus tool for monitoring activities in the Active Directory. Zoho addressed the issue at the end of March in ADAudit Plus build 7060 after security researcher Naveen Sunkavally at Horizon3.

A critical security vulnerability in the Zoho ManageEngine Desktop Central and Desktop Central MSP platforms could allow authentication bypass, the company has warned. Zoho's ManageEngine Desktop Central is a unified endpoint management solution that lets IT admins manage servers, laptops, desktops, smartphones and tablets from a central location.

Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "May allow an attacker to read unauthorized data or write an arbitrary zip file on the server," the company noted in an advisory.

Another Zoho ManageEngine zero-day vulnerability is under active attack from an APT group, this time looking to override legitimate functions of servers running ManageEngine Desktop Central and elevate privileges - with an ultimate goal of dropping malware onto organizations' networks, the FBI has warned. There is also evidence to support that it's being used in an attack chain with two other Zoho bugs that researchers have observed under attack since September, according to the alert.

A vulnerability in ManageEngine Desktop Central is being leveraged in attacks in the wild to gain access to server running the vulnerable software. The issue is considered critical by the company and affects ManageEngine Desktop Central - a unified endpoint management solution - and ManageEngine Desktop Central MSP - endpoint management software for MSPs. If installations of the latter are compromised, attackers could use the access to compromise endpoints and networks of MSPs's client organizations.