Cybersecurity Alerts

Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-306

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-44077