Zoho: Patch new ManageEngine bug exploited in attacks

Zoho: Patch new ManageEngine bug exploited in attacks ASAP (bleepingcomputer.com)

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version.

Zoho’s ManageEngine Desktop Central is a management platform that helps admins deploy patches and software automatically over the network and troubleshoot them remotely.

The warning comes after the company patched a critical vulnerability which could allow attackers to bypass authentication and execute arbitrary code on unpatched ManageEngine Desktop Central servers.

A quick search using Shodan has revealed over 3,200 ManageEngine Desktop Central instances running on various ports and exposed to attacks.

For over ten years, Acurus has been trusted by Australia’s largest household brands, including Energy Australia, Officeworks, Bakers Delight, Red Energy, and Reece Plumbing.

If you need cyber security assistance, post incident or need to bolster your cyber security position to avoid detrimental attacks contact us today for free cyber security gap assessment. Work from Anywhere Securely – Acurus