CVE-2021-40539: Zoho ManageEngine ADSelfService Plus Authentication Bypass

Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability. Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Detection rules

• ADSelfService Exploitation high
• CVE-2021-40539 Zoho ManageEngine ADSelfService Plus Exploit critical
• Suspicious Shells Spawn by Java Utility Keytool high

Browse the CVE database

Read the full analysis on IntelFusions