CVE-2021-44077 - Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability
Project:Zoho
Product:ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
Date Added:2021-12-01Due Date:2021-12-15
Vulnerability Name
Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability
Description
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-44077