cbcvebase.
CVE-2025-11669
published 2026-01-13

CVE-2025-11669: Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an…

PriorityP354high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.72%
49.4th percentile
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.

Affected

9 ranges
VendorProductVersion rangeFixed in
zohocorpmanageengine_access_manager_plus< 44014401
zohocorpmanageengine_access_manager_plus< 4.44.4
zohocorpmanageengine_access_manager_plus
zohocorpmanageengine_pam360< 82028202
zohocorpmanageengine_pam360< 8.28.2
zohocorpmanageengine_pam360
zohocorpmanageengine_password_manager_pro< 1322113221
zohocorpmanageengine_password_manager_pro< 13.213.2
zohocorpmanageengine_password_manager_pro
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.