New Vulnerability Exploited in ManageEngine Desktop Central Enterprise & MSP – CVE-2021-44515

Share :

Background

On Friday, December 3, 2021, ManageEngine released a patch advisory for CVE-2021-44515, an authentication bypass vulnerability affecting Desktop Central Enterprise and MSP versions. Desktop Central is a unified endpoint management (UEM) solution that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location.

CVE ID

CVSS Score V3

CVSS Criticality

Type

Description

CVE-2021-44515

9.8

Critical

Improper Authentication & Remote code Execution

Zoho Corp. Desktop Central Authentication Bypass Vulnerability

Analysis

CVE-2021- 44515

CVE-2021-44515 affects the following versions of ManageEngine Desktop Central:

  • For Enterprise:
    • For builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
    • For builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3
  • For MSP:
    • For builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
    • For builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3

ManageEngine has disclosed that this vulnerability is being exploited in the wild, however no information regarding threat actors or techniques have been shared at this time. Exploitation of CVE-2021-44515 allows a threat actor to gain unauthorized access by sending a specially crafted request to a server running a vulnerable version of ManageEngine Desktop Central Enterprise or MSP versions which can lead to remote code execution.

Solutions and Recommendations

ManageEngine has indicated in their advisory here that specific versions are affected by CVE-2021-44515 vulnerability.

Arctic Wolf has assessed the risk posed by CVE-2021-44515 as high, and strongly recommends that customers review the advisory to determine if they are affected and patch affected servers immediately.

References

Learn more about Arctic Wolf’s Managed Risk solution or request a demo today.

James Liolios

James Liolios

James Liolios is a Senior Threat Intelligence Researcher at Arctic Wolf, where he keeps a watchful eye on the latest threats and threat actors to understand the potential impact to Arctic Wolf customers. He has a background of 9 years' experience in many areas of cybersecurity, holds a bachelor's degree in Information Security, and is also CISSP certified.
Share :
Table of Contents
Categories
Subscribe to our Monthly Newsletter