FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539

  /     /     /  
Publicated : 23/11/2024   Category : security

FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539


The critical authentication bypass vulnerability exists in Zoho ManageEngine ADSelfService Plus, officials report.


Advanced persistent threat attackers are exploiting a newly identified vulnerability in Zoho ManageEngine ADSelfService Plus, according to a joint advisory from the FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA).
CVE-2021-40539 is a critical authentication bypass vulnerability in the software, which is a self-service password management and single sign-on tool. The FBI, CISA, and CGCYBER have reports of attackers using exploits against the vulnerability to gain access to the tool as early as August 2021.
If successfully exploited, the vulnerability could allow attackers to place Web shells that could enable attackers to conduct post-exploitation activities such as admin credential compromise, lateral movement, and exfiltration of registry hives and Active Directory files, officials report.
The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software, officials write in an alert. They say the FBI, CISA, and CGCYBER are proactively investigating and responding to the attack activity.
Zoho patched the vulnerability on Sept. 6, 2021. Officials urge organizations to update to ADSelfService Plus build 6114 and ensure ADSelfService Plus is not directly accessible from the Internet.
Read CISAs
full alert
for more information on tactics, techniques, and procedures as well as technical details.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539