CVE-2021-44757
published 2022-01-18CVE-2021-44757: Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive…
PriorityP268critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
24.20%
97.6th percentile
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zohocorp | manageengine_desktop_central | < 10.1.2137.9 | 10.1.2137.9 |
| zohocorp | manageengine_desktop_central_managed_service_providers | < 10.1.2137.9 | 10.1.2137.9 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability affects Zoho ManageEngine Desktop Central and Desktop Central MSP versions before 10.1.2137.9; detect exploitation attempts targeting authentication bypass that allows reading sensitive data or uploading arbitrary ZIP archives to the server. ↗
- →Monitor for unauthenticated requests that result in ZIP file writes to the ManageEngine Desktop Central server filesystem, which is the primary exploitation primitive for this vulnerability. ↗
- →Given prior active exploitation of the closely related CVE-2021-44515 in Desktop Central by APT actors, prioritize detection and patching of CVE-2021-44757 on internet-exposed Desktop Central instances. ↗
- ·No CVSS score was available at time of publication for CVE-2021-44757; severity should be treated as critical based on vendor advisory classification. ↗
- ·No public proof-of-concept exploit was available at time of publication, but exploitation is considered likely given the history of similar CVEs in the same product being rapidly weaponized. ↗
- ·No confirmed in-the-wild exploitation of CVE-2021-44757 was reported at time of publication, unlike the related CVE-2021-44515 which was actively exploited as a zero-day. ↗
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
24th January– Threat Intelligence Report
blogs_checkpoint·2022-01-24
CVE-2021-44757 24th January– Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 24th January– Threat Intelligence Report
For the latest discoveries in cyber research for the week of 24th January, please download our Threat Intelligence Bulletin .
Top Attacks and Breaches
A new cyber-espionage campaign by the Arabic-speaking APT group Molerats (aka Gaza Cybergang) has been targeting victims in the Middle East, specifically high-profile targets in the banking, NGOs and political sectors in Palestine and Turkey. The group leverages cloud services like Google Drive or Dropbox to host malicious
Tenable
CVE-2021-44757: ZoHo Patches Authentication Bypass in ManageEngine Desktop Central
blogs_tenable·2022-01-18·CVSS 9.1
[CRITICAL] CVE-2021-44757: ZoHo Patches Authentication Bypass in ManageEngine Desktop Central
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
https://pitstop.manageengine.com/portal/en/community/topic/a-critical-security-patch-released-in-desktop-central-and-desktop-central-msp-for-cve-2021-44757-17-1-2022https://pitstop.manageengine.com/portal/en/community/topic/a-critical-security-patch-released-in-desktop-central-and-desktop-central-msp-for-cve-2021-44757-17-1-2022
2022-01-18
Published