Hacking Zoho: zero-day vulnerability in a business product exposes company’s customers

A cloud computing security firm has revealed the discovery of a critical zero-day vulnerability in one of the enterprise products of tech firm Zoho. According to the report, this flaw could cause problems for businesses worldwide, as threat actors could use it as an entry point to deploy ransomware attacks, among other malicious activities.

The affected product is Zoho ManageEngine Desktop Central, an endpoint management solution widely used by companies around the world to control their Internet-connected devices, such as smartphones, Linux servers, and Mac and Windows workstations.

According to the cloud computing security firm that submitted the report, this product allows system administrators to send updates and take control of devices remotely, among other tasks. Along with the report of the flaw, proof-of-concept exploit code was also published. The flaw allows a remote threat actor to execute arbitrary code in affected ManageEngine Desktop Central deployments. Hackers do not require authentication on the vulnerable system to do this, which makes exploitation even more dangerous.

Successful exploitation would allow hackers to take full control of the product and thus of the devices linked to it.

This is not the first time that these kinds of solutions, primarily employed by IT support companies, have represented a security issue. For a couple of years, some groups of cybercriminals have been infecting target users with ransomware by exploiting this attack vector.

Cloud computing security firms, technical support, cybersecurity, industry, and public organizations around the world use this product, so they’ll be at risk until Zoho announces the release of an updated version or security patch. It should be mentioned that it is not yet clear when a mitigation will be ready, so companies should remain alert to any anomalous activity on their networks.

According to the International Institute of Cyber Security (IICS), there are at least 2,300 servers exposed on the Internet that use this Zoho product, so it is essential that the company updates as soon as possible.
