Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability

Summary

The vulnerability could allow an authenticated attacker to perform Remote Code Execution (RCE) on the machine where ADSelfService Plus is installed.


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

Zoho have released a security update to address a critical improper handling vulnerability, known as CVE-2024-0252, with a CVSSv3 score of 9.9. An authenticated attacker could exploit this vulnerability to perform Remote Code Execution (RCE) on machines with the vulnerable software installed. 


Remediation advice

Affected organisations are encouraged to view the relevant Zoho ManageEngine Security Advisory and apply relevant updates. 



Last edited: 12 January 2024 3:26 pm