CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Dec 15, 2021

High

CISA KEV

CVE-2021-44077

Zoho—ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2021-44077

Vulnerability Overview

Severity: High
CISA KEV: Yes
Ransomware: Unknown
Published: Dec 1, 2021
KEV Added: Dec 1, 2021
Due Date: Dec 15, 2021
Related Articles: 0

Vendor

Zoho

ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus