Zoho Patches a Critical Vulnerability in ManageEngine Desktop Central

Post author:Pranav S
Post published:January 19, 2022
Reading time:3 mins read
Post category:Endpoint Management / Endpoint Security / Endpoint Security and Management / Featured Articles / IT Asset Management / Patch Management / Security Research and Intelligence

Zoho Corporation has released patches for its ManageEngine Desktop Central and Desktop Central MSP solutions affected by CVE-2021-44757, a critical authentication bypass vulnerability.

Zoho ManageEngine Desktop Central is a unified endpoint management (UEM) solution that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location.

According to the security advisory published, the “authentication bypass vulnerability in Desktop Central was identified which, when exploited, can allow an attacker to read unauthorized data or write an arbitrary zip file in the Desktop Central server.” The vulnerability is being tracked as CVE-2021-44757.

The vulnerability has been fixed on January 17, 2022, and the fix is available in build 10.1.2137.9. The KB documents for Desktop Central and Desktop Central MSP have also been released. Zoho recommends users follow the security hardening guidelines for Desktop Central and Desktop Central MSP. A security notification can also be found in installations of Desktop Central urging users to upgrade to the latest version.

The vulnerability was discovered and reported by Oswald from SGLAB of Legendsec at Qi’anxin Group. It is not yet known if this vulnerability is widely exploited.

Recently, Zoho has fixed 3 other critical vulnerabilities in its ManageEngine products.

CVE-2021-44515: Authentication bypass vulnerability in Zoho ManageEngine Desktop Central.
CVE-2021-44077 : Unauthenticated remote code execution vulnerability in Zoho ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.
CVE-2021-40539: Authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus.

These vulnerabilities were targeted by state-sponsored APT groups and have been under active exploitation since October 2021. It is highly recommended to apply the security patches and follow the security hardening guidelines provided by Zoho.

Affected Products

Zoho ManageEngine Desktop Central
Zoho ManageEngine Desktop Central MSP

Impact

Successful exploitation of this vulnerability allows an attacker to read unauthorized data or write an arbitrary zip file on the server.

Solution

Zoho ManageEngine Desktop Central build 10.1.2137.9.

SanerNow VM and SanerNow PM detect this vulnerability, Use SanerNow and keep your systems updated and secure.

Tags: critical vulnerability, desktop central, manageengine, Zoho