CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2021-40539

CVSS 9.8v3.1pub. 2021-09-07upd. 2025-11-05

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zohocorp Manageengine Adselfservice Plus

    APP
    Zohocorp
    6.1< 6.1

CISA KEV — detailsi

Vendori
Zoho
Producti
ManageEngine
Added to KEVi
November 3, 2021
Remediation deadline (US Federal)i
November 17, 2021(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 17 listopada 2021
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2022-47966CRITICAL9.8⚠ KEVten sam produkt

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code exec...

CVE-2025-11250CRITICAL9.1PL ✓ten sam produkt

Authentication Bypass w Zohocorp ManageEngine ADSelfService Plus

CVE-2023-35854CRITICAL9.8ten sam produkt

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal ...

CVE-2022-36413CRITICAL9.1ten sam produkt

Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a passwo...

CVE-2021-37423CRITICAL9.8ten sam produkt

Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.