Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-40539

Zoho | ManageEngineAdded 2021-11-03Remediation Deadline 2021-11-17Active Ransomware Campaign

Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability

Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-55

References