CVE-2021-44515

high-risk

Published 2021-12-12

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.

Do I need to act?

94.4% chance of exploitation in next 30 days

EPSS score — higher than 6% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (2)

Manageengine Desktop Central

Affected Vendors

Zohocorp

References (7)

Issue Tracking https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-byp...

Broken Link https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-thirteen-...

Exploit https://www.manageengine.com/products/desktop-central/cve-2021-44515-authenticat...

Issue Tracking https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-byp...

Broken Link https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-thirteen-...

Exploit https://www.manageengine.com/products/desktop-central/cve-2021-44515-authenticat...

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-...

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 27/34 · High

Exposure 7/34 · Low