CISA Advisory

Multiple Nation-State Actors Exploit Zoho ManageEngine

AA23-250A • Published September 7, 2023

Severity: critical

Hackers from multiple countries are using a security hole in Zoho ManageEngine software to break into organizations. If your company uses ManageEngine products, update them right now or you could be compromised.

Overview

Alert warning that multiple nation-state actors are actively exploiting CVE-2022-47966 in Zoho ManageEngine products. Organizations should patch immediately or isolate affected systems.

Who Is At Risk

  • Organizations using Zoho ManageEngine
  • IT service providers
  • Healthcare organizations
  • Financial institutions
  • Government agencies

Affected Products

Zoho ManageEngine ServiceDesk Plus, Zoho ManageEngine ADSelfService Plus

Is your business exposed?

Immediate Actions

  1. 1.

    Patch ManageEngine to latest version immediately

  2. 2.

    Check for indicators of compromise

  3. 3.

    Review ManageEngine access logs

  4. 4.

    Isolate ManageEngine if patching delayed

  5. 5.

    Implement network segmentation

Official Source

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices