
CISA announced that a security flaw found in Zoho ManageEngine is now classified as an exploited vulnerability based on recent evidence of its active exploitation.

An unspecified vulnerability in Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus could allow for remote code execution, according to a notice from the agency.

“Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution,”

The most severe vulnerability, tracked as CVE-2022-35405, has a CVSS score of 9.8 out of 10 and was fixed by Zoho via updates released on June 24, 2022.

Although the nature of the vulnerability is unknown, the India-based business solutions firm said it fixed it by eliminating any vulnerable components that might allow for remote code execution.

Zoho has also warned the public about the availability of a proof-of-concept (PoC) exploit for the vulnerability. This means that customers must upgrade their instances of Password Manager Pro, PAM360, and Access Manager Plus as soon as possible.

The vulnerability was discovered after a cybersecurity firm and the FBI collaborated on investigating the virus’s source. The agency did not provide further details on how the flaw is being weaponized or how widespread the exploitation attempts are, but data from GreyNoise showed that in-the-wild attacks were detected on September 7, 2022.

In light of the active exploitation of the vulnerability, Federal Civilian Executive Branch (FCEB) agencies are required to apply the vendor-provided patches by October 13, 2022. As anyone who has ever tried to patch a hole knows, it’s not always an easy task. In this case, FCEB agencies have their work cut out for them. The good news is that there are different ways to make patching easier.
