There are no events scheduled
This browser is not supported.
NPCC Security Bulletin: Zoho ManageEngine ServiceDesk Plus Vulnerability
December 15, 2021
Zoho ManageEngine ServiceDesk Plus Vulnerability
On Thursday, December 2, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) reported a new campaign targeting ManageEngine ServiceDesk Plus servers (on-premises) that are vulnerable to CVE-2021-44077.
CVE-2021-44077 is an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus affecting all versions of ServiceDesk Plus up to, and including, version 11305. Following initial exploitation of CVE-2021-44077 on a targeted system, the threat actors have been observed uploading executable files and placing web shells that enable post-exploitation activities such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.
- Run the ManageEngine Exploit Detection Tool on ServiceDesk Plus Servers to discover any compromises in your environment
- Upgrade to the latest version using the appropriate migration path
- The Electricity Information Sharing and Analysis Center (E‐ISAC) also has more information on this topic.
DOWNLOAD ATTACHMENT 1
NPCC 2022 Summer Reliability Assessment Media Release
May 04, 2022
NPCC Summer 2022 Reliability Assessment Overview
May 04, 2022