CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit

The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.

Dark Reading Staff, Dark Reading

September 23, 2022

1 Min Read
Logo for CISA
Source: GK Images via Alamy

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that a critical Zoho ManageEngine remote code execution (RCE) flaw, first disclosed in June, is now under active attack. 

According to Zoho's patch advisory, the bug "could allow remote attackers to execute arbitrary code on affected installations." 

Multiple Zoho ManageEngine products are affected, CISA said, including the Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus. 

Authentication is not required to exploit the vulnerability in Password Manager Pro and PAM360 products, Zoho added.

CISA has moved to add the Zoho ManageEngine bug to the Known Exploited Vulnerabilities catalog, which indicates the bug (CVE-2022-35405) is both under active exploit and poses a threat to the federal government's systems. 

CISA advises federal agencies to apply the vendor patch immediately. 

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights