All orgs urged to prioritize patching this flaw

All orgs urged to prioritize patching this flaw

2 years ago
Anonymous $kMjaqkS8vo

https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-manageengine-rce-bug-used-in-attacks/

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild.

This security flaw (CVE-2022-35405) can be exploited in low-complexity attacks, without requiring user interaction, to gain remote code execution on servers running unpatched Zoho ManageEngine PAM360 and Password Manager Pro (without authentication) or Access Manager Plus (with authentication) software.

Last Seen
30 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
3 hours ago
Reputation
0
Spam
0.000
Last Seen
34 minutes ago
Reputation
0
Spam
0.000
Last Seen
53 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
10 minutes ago
Reputation
0
Spam
0.000
Last Seen
3 hours ago
Reputation
0
Spam
0.000
Last Seen
5 hours ago
Reputation
0
Spam
0.000