Shields up! On September 22, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) released a directive urging all FCEB agencies to fix a flaw affecting Zoho ManageEngine products by mid-October. Indexed as CVE-2022-35405, the security issue is a critical Java deserialization flaw that is actively exploited in the wild.
The flaw was documented in late summer 2022 and, according to the write-up, affects the Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus solutions.
To help organizations defend against potential cyber-attacks exploiting the critical ManageEngine RCE flaw, newly released detection content enhanced with relevant contextual information is available via SOC Prime’s Cyber Threats Search Engine.
In 2022, the number of cyber-attacks is expected to surpass prior-year records. In the current avalanche of critical vulnerabilities affecting popular software products, it is vital to employ an efficient detection option for continuously emerging exploitation attempts. To stay ahead of attackers, gear up with curated detection content and cutting-edge capabilities for enhanced cyber defense.
CISA’s Known Exploited Vulnerabilities (KEV) catalog has grown by one more security issue, tagged as CVE-2022-35405 and now actively exploited in the wild. Successful exploitation lets adversaries execute arbitrary code on a compromised device. Patches for this flaw have been available since June, so there is no time to delay fixing the issue if your organization is affected; it is better late than never.
Striving to make your own contribution to collective industry expertise by authoring detection content? SOC Prime’s Threat Bounty Program welcomes experienced and aspiring threat hunters to share their Sigma, Snort, and YARA-based detection content in exchange for expert coaching and steady revenue.