Overview

There are new vulnerabilities discovered on Zoho ManageEngine products related to CVE-2022-47966, which allow for unauthenticated RCE – Remote Code Execution. This is the effect of an outdated Apache Santuario version. Those affected are at risk if a SAML-based Single Sign-On is enabled, or has been enabled at some point. To mitigate this, it is important to patch to the latest version for all devices affected, as stated in the Security Advisory from Zoho ManageEngine below.

Services

https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html – ManageEngine Security Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-47966 – NIST CVE-2022-47966

https://www.csoonline.com/article/3685940/attackers-exploiting-critical-flaw-in-many-zoho-manageengine-products.html