CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2021-44077

CVSS 9.8v3.1pub. 2021-11-29upd. 2025-10-31

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Zohocorp Manageengine Servicedesk Plus

    APP
    Zohocorp
    11.111.211.3< 11.1
  • Zohocorp Manageengine Servicedesk Plus Msp

    APP
    Zohocorp
    10.5< 10.5
  • Zohocorp Manageengine Supportcenter Plus

    APP
    Zohocorp
    11.0< 11.0

CISA KEV — detailsi

Vendori
Zoho
Producti
ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
Added to KEVi
December 1, 2021
Remediation deadline (US Federal)i
December 15, 2021(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 grudnia 2021
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-47966CRITICAL9.8⚠ KEVten sam produkt

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code exec...

CVE-2021-37415CRITICAL9.8⚠ KEVten sam produkt

Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-...

CVE-2023-23076CRITICAL9.8ten sam produkt

OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating new schedule...

CVE-2023-22964CRITICAL9.1ten sam produkt

Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before 13004, is vulnerable to authentication byp...

CVE-2022-36412CRITICAL9.8ten sam produkt

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass....