Page Content
Zoho has released a security advisory to address
an authentication bypass vulnerability in ManageEngine Desktop Central and
Desktop Central MSP. An attacker could exploit this vulnerability to take
control of an affected system. According to Zoho, this vulnerability is being
actively exploited in the wild.
CERT Bulgaria encourages users and
administrators to review the Zoho
Vulnerability Notification and the Zoho ManageEngine
Desktop Central and ManageEngine
Desktop Central MSP security advisories and apply the recommended
mitigations immediately.
https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-bypass-vulnerability-identified-and-fixed-in-desktop-central-and-desktop-central-msp
https://www.manageengine.com/products/desktop-central/cve-2021-44515-authentication-bypass-filter-configuration.html
https://www.manageengine.com/desktop-management-msp/cve-2021-44515-security-advisory.html