An FCEB agency was instructed by the Cybersecurity and Infrastructure Security Agency (CISA) to fix a vulnerability affecting Zoho ManageEngine products by mid-October 2022. The vulnerability is a critical Java deserialization issue tracked as CVE-2022-35405, for which there is evidence of active exploitation in the wild as of September 22, 2022. In late summer 2022, Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus solutions were affected by this flaw, which was written up in the same year.
According to GreyNoise, no exploitation attempts have been observed in the wild, but the details of in-the-wild exploitation are unavailable.
By leveraging the newly released detection content pieces enhanced with relevant contextual information, available via Search Engines, organizations can effectively defend against potential cyber-attacks exploiting the critical ManageEngine RCE flaw.
Cyberattacks are expected to surpass previous records in 2022. Considering the current avalanche of critical vulnerabilities affecting popular software products, employing an effective detection method is crucial to detecting continuously arising exploitation attempts. Enhanced cyber defense requires curated detection content and cutting-edge capabilities to keep attackers at bay.
Password Manager Pro and PAM360 installations with prior authentication, as well as Access Manager Plus installations with prior authentication, are vulnerable to CVE-2022-35405, which can lead to arbitrary code execution. Password Manager Pro versions 12100 and lower, PAM360 versions 5500 and lower, and Access Manager Plus versions 4302 and lower are affected. CVE-2022-35405 has a CVSS severity rating of 9.8 out of 10 and was patched by Zoho on June