CSOonline

Zoho ManageEngine flaw is actively exploited, CISA warns

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments. A remote code execution vulnerability in ...
Dark Reading

Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data ...

A critical vulnerability in Zoho’s widely used compliance tool, ManageEngine ADAudit Plus, which monitors changes to Microsoft Active Directory, leaves endpoints vulnerable to unauthenticated users. A ...
Bleeping Computer

Zoho urges admins to patch severe ManageEngine bug immediately

Business software provider Zoho has urged customers to patch a high-severity security flaw affecting multiple ManageEngine products. The bug, tracked as CVE-2022-47523, is an SQL injection ...
Bleeping Computer

CISA warns of critical ManageEngine RCE bug used in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs ...
Threat Post

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. Another Zoho ManageEngine zero-day ...