CISA Warns Of Bug In Zoho ADSelfService Plus

Share post:

The United States Cybersecurity and Infrastructure Security Agency (CISA) warned that hackers are exploiting a critical vulnerability known as CVE-2021-40539 in Zoho’s ManageEngine ADSelfService Plus password management solution that gives them the privilege to take over a system.

The vulnerability is considered critical because it could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Security notifications from the company and a warning from CISA suggested that the bug was exploited in the wild.

Currently, information about CVE-2021-40539, the fifth critical vulnerability reported for Zoho ManageEngine ADSelfService Plus in 2021, is sparse, with a severity score yet to be calculated by the National Institute of Standards and Technology.

However, companies with AdSelfService Plus builds lower than 6114 are recommended to install the latest developer update available from the service pack.

For more information, read the original story in Bleeping Computer

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Critical Vulnerability Leaves Millions Of Sites Vulnerable To Takeover

A severe authentication bypass vulnerability has been discovered in the WordPress plugin "Really Simple Security" (formerly *Really Simple...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways