all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

Add to bookmarks
Jan. 17, 2023, 10:38 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead of the release of a proof-of-concept (PoC) exploit code.
The issue in question is CVE-2022-47966, an unauthenticated remote code execution vulnerability affecting several products due to the use of an outdated third-party dependency, Apache Santuario.
"This vulnerability allows an

apache apache santuario code code execution concept critical cve cve-2022-47966 dependency exploit exploit code issue manageengine party patch poc poc exploit products proof-of-concept question release remote code remote code execution security security vulnerability third third-party vulnerability zoho zoho manageengine

Visit resource

More from thehackernews.com / The Hacker News

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks 11 hours ago | thehackernews.com
april assets attacks command +19
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike 11 hours ago | thehackernews.com
attack called campaign cobalt +22
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users 15 hours ago | thehackernews.com
app apps baidu chinese +22
CISO Perspectives on Complying with Cybersecurity Regulations 15 hours ago | thehackernews.com
accountability ciso cisos compliance +22
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners 18 hours ago | thehackernews.com
actor antivirus antivirus software avast +22
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers 20 hours ago | thehackernews.com
actor cache campaign cdn +20
Apache Cordova App Harness Targeted in Dependency Confusion Attack 1 day, 11 hours ago | thehackernews.com
actor apache app attack +21
Webinar: Learn Proactive Supply Chain Threat Hunting Techniques 1 day, 13 hours ago | thehackernews.com
attacks breach cybersecurity defenses +23
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases 1 day, 14 hours ago | thehackernews.com
access action call called +30

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086
View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ
View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom
View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States
View on infosec-jobs.com
View more jobs