Successful exploitation allows an attacker to execute the remote code and compromise the system.
| | | | | Affected Product(s) Multiple Zoho ManageEngine Products | | | | Critical Vulnerability in Zoho ManageEngine Gets Actively Exploited in the Wild! | | | | The old critical remote code execution vulnerability (CVE-2022-47966) in Zoho ManageEngine is actively being exploited in the wild. The flaw is due to the use of Apache xmlsec (aka XML Security for Java) because the xmlsec XSLT features make the application responsible for certain security protections. The vulnerability affects multiple products, including Access Manager Plus, ADManager Plus, Password Manager Pro, Remote Access Plus, and more. Successful exploitation allows an attacker to execute the remote code and compromise the system. SanerNow Network Scanner detects this vulnerability. Here is a gentle reminder to apply the security updates for this vulnerability on high priority. If you found this valuable, please share it with your other IT SysAdmin Friends! | | Stay Alert and Secure! Team SecPod | | | | |
No comments:
Post a Comment