Data center: Ashburn, VA

Telegram Chat : MBHH_x86

Email Us:

Mobile Hacker For Hire, hire a hacker, hiring a hacker, hacker with proof

Unpatched Zoho ManageEngine Products Open to Possible Attack

Table of Contents

Ed note: An earlier version incorrectly stated the vulnerability is under active attack. Instead, GreyNoise researchers are tracking any potential attacks.

Several Zoho ManageEngine IT management products require patching against a critical unauthenticated remote code execution (RCE) that researchers warn is ripe for an attack.

On Jan. 10, ManageEngine released an update against the bug, tracked under CVE-2022-47966, blaming it on “… an outdated third party dependence, Apache Santuario.”

The security advisory adds that any of the two dozen ManageEngine products impacted are vulnerable if single sign-on is, or has ever been, enabled.

By Jan. 13, researchers at provided indicators of compromise (IoCs). Now GreyNoise is tracking potential attacks attempting to exploit the RCE.

Once the RCE is used to breach a system, that access could be used to create all sorts of havoc by threat actors, analysts explained.

ManageEngine products are some of the most widely used across enterprises and perform business functions such as authentication, authorization, and identity management,” the researchers added. “Given the nature of these products, a vulnerability such as this poses critical risk to organizations allowing attackers initial access if exposed to the internet, and the ability for lateral movement with highly privileged credentials.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!