Zoho’s ManageEngine Desktop Central is a unified endpoint management (UEM) solution that lets IT admins manage servers, laptops, desktops, smartphones and tablets from a central console. Users can automate routine tasks such as installing patches, deploying software, and imaging and deploying operating systems.
Zoho’s endpoint-management platform, Desktop Central, suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution.
What is the vulnerability?
CVE-2021-44757 - Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
What is the impact?
If exploited, this vulnerability may allow an attacker to read unauthorized data or write an arbitrary zip file on the server.
How to mitigate this?
This vulnerability was fixed on January 17, 2022, and the fix is available in the latest versions of Desktop Central and Desktop Central MSP. Please refer to the KB documents for Desktop Central and Desktop Central MSP for more details.
Recommendations - Follow the security guidelines below for Desktop Central and Desktop Central MSP to ensure that all security controls are configured to keep your network secure.
1) Update your Desktop Central server to the latest build.
2) Restrict access to the machine hosting the Desktop Central server to authorized users only.
3) Use a properly configured firewall and anti-virus software, and keep both up to date so that the alerts they raise are accurate.
4) Delete unused accounts.
5) Audit and review privileged user access on a regular basis, at least every 3 months.
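The first recommendation depends on knowing which of your servers are still on an affected build. The advisory states the fixed build as 10.1.2137.9, with earlier builds affected. The following script is an added example, not Zoho’s code or part of the original advisory: it compares reported build strings against that threshold component by component, which avoids the common pitfall of comparing version strings lexically (where "10.1.2137.10" would wrongly sort before "10.1.2137.9"). The hostnames and builds in INVENTORY are constructed sample data.

```python
"""Flag ManageEngine Desktop Central builds affected by CVE-2021-44757.

Added example, not Zoho's code. The only fact taken from the advisory is the
fixed build 10.1.2137.9; the hosts in INVENTORY are constructed sample data.
"""
from typing import Iterable, List, Tuple

# Fixed build per the advisory: builds strictly *before* this are affected.
FIXED_BUILD = "10.1.2137.9"

# Constructed sample inventory of (hostname, reported build). Hypothetical hosts.
INVENTORY: List[Tuple[str, str]] = [
    ("dc-prod-01", "10.1.2137.9"),   # exactly the fixed build: not affected
    ("dc-prod-02", "10.1.2136.11"),  # older build: affected
    ("dc-msp-01", "10.1.2137.10"),   # newer than the fix: not affected
    ("dc-lab-01", "10.0.662"),       # old three-component build: affected
    ("dc-test-01", "10.1.2138.1"),   # newer than the fix: not affected
]


def parse_build(build: str) -> Tuple[int, ...]:
    """Split a dotted build string into a tuple of integers.

    Integer tuples compare component-wise, so (10, 1, 2137, 10) sorts after
    (10, 1, 2137, 9). A plain string comparison gets this wrong because
    "10.1.2137.10" < "10.1.2137.9" lexically ('1' < '9').
    """
    parts = build.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised build string: {build!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(build: str, fixed: str = FIXED_BUILD) -> bool:
    """True if `build` is strictly older than the fixed build."""
    return parse_build(build) < parse_build(fixed)


def vulnerable_hosts(inventory: Iterable[Tuple[str, str]]) -> List[str]:
    """Return the hostnames whose reported build predates the fix."""
    return [host for host, build in inventory if is_vulnerable(build)]


if __name__ == "__main__":
    for host in vulnerable_hosts(INVENTORY):
        print(f"{host}: build predates {FIXED_BUILD}, update required")
```

The build string for a real server would come from your own inventory or from the Desktop Central console; the script only needs the dotted build number, and it rejects anything that is not purely numeric components so a malformed entry fails loudly instead of silently passing as "not affected".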
If you would like to reduce the security risks around unauthorized access and respond quickly to security incidents and data breaches, contact us for a free consultation today.