Active Exploitation of Zoho ManageEngine RCE Vulnerability CVE-2022-35405
CISA have announced that a critical vulnerability affecting Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus is being actively exploited
Summary
CISA have announced that a critical vulnerability affecting Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus is being actively exploited
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
In August 2022, ManageEngine released a security update to address a critical remote code execution (RCE) vulnerability affecting their Privileged Access Management product line, which includes PAM360, Password Manager Pro, and Access Manager Plus. The vulnerability CVE-2022-35405 has a CVSSv3 score of 9.8, and could allow an unauthenticated, remote attacker to execute remote code and take control of an affected system.
Exploitation in the wild for CVE-2022-35405
A Proof-of-Concept (PoC) was released and CISA has added this vulnerability to the Known Exploited Vulnerabilities Catalog list.
Remediation advice
Affected organisations should review ManageEngine's security advisory for PAM360, Password Manager Pro, and Access Manager Plus remote code execution vulnerability CVE-2022-35405 and apply relevant security updates.
Definitive source of threat updates
Last edited: 23 September 2022 11:37 am