Zoho has urged customers to update their Desktop Central and Desktop Central MSP installations to the latest available version immediately, because a new critical vulnerability in ManageEngine is already being exploited in attacks.
The vulnerability, tracked as CVE-2021-44515, allows attackers to bypass authentication and then execute arbitrary code on unpatched ManageEngine Desktop Central installations (Desktop Central Cloud is not affected by the issue).
To determine whether a particular installation has been attacked, Zoho suggests using its Exploit Detection Tool. If signs of compromise are found, Zoho recommends initiating a “password reset for all services, accounts, Active Directory, and so on,” as well as resetting Active Directory administrator passwords.
Bleeping Computer notes that, according to Shodan, more than 3,200 instances of ManageEngine Desktop Central are reachable over the network, running on different ports and vulnerable to attack.