Security
Headlines
HeadlinesLatestCVEs

Headline

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. “Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution,” the agency

The Hacker News
#vulnerability#rce#The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation.

“Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution,” the agency said in a notice.

The critical vulnerability, tracked as CVE-2022-35405, is rated 9.8 out of 10 for severity on the CVSS scoring system, and was patched by Zoho as part of updates released on June 24, 2022.

Although the exact nature of the flaw remains unknown, the India-based enterprise solutions company said it addressed the issue by removing the vulnerable components that could lead to the remote execution of arbitrary code.

Zoho has also warned of the public availability of a proof-of-concept (PoC) exploit for the vulnerability, making it imperative that customers move quickly to upgrade the instances of Password Manager Pro, PAM360 and Access Manager Plus as soon as possible.

In light of active exploitation in the wild, Federal Civilian Executive Branch (FCEB) agencies are required to apply the vendor-provided patches by October 13, 2022.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related news

CVE-2020-27449: Release Notes - ManageEngine Password Manager Pro

Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload.

Flaw in some ManageEngine apps is being actively exploited, says CISA

Categories: Exploits and vulnerabilities Categories: News The critical CVE-2022-35405 flaw affects several Zoho ManageEngine products. Federal and private organizations must patch now! (Read more...) The post Flaw in some ManageEngine apps is being actively exploited, says CISA appeared first on Malwarebytes Labs.

CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit

The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.

Zoho Password Manager Pro XML-RPC Java Deserialization

This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing malicious serialized data to /xmlrpc to gain remote command execution as the SYSTEM user.

CVE-2022-35405: ManageEngine PAM360, Password Manager Pro, and Access Manager Plus remote code execution vulnerability.

Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)