CVE-2022-47966: Zoho ManageEngine Multiple Products Remote Code Execution

Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability. Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.

• CISA KEV-listed (remediation due 2023-02-13)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Detection rules

• Suspicious Child Process Of Manage Engine ServiceDesk high

Browse the CVE database

Read the full analysis on IntelFusions