⚠ Actively exploited
Added to CISA KEV on 2021-12-10. Federal agencies required to patch by 2021-12-24. Required action: Apply updates per vendor instructions..
CVE-2021-44515
Severity
9.8CRITICAL
EPSS
94.4%
top 0.03%
CISA KEV
KEV
Added 2021-12-10
Due 2021-12-24
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
KEV addedDec 10
PublishedDec 12
KEV dueDec 24
Latest updateJan 24
CISA Required Action: Apply updates per vendor instructions.
Description
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages1 packages
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-wrwj-r75g-4vx9: Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in↗2021-12-13
CVEList▶
CVE-2021-44515: Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in↗2021-12-12
💥Exploits & PoCs
1Nuclei▶
Zoho ManageEngine Desktop Central - Remote Code Execution