Background /What has happened?
Malicious actors have attempted to use Zoho ManageEngine vulnerabilities in the past to target Australian organisations.
On the 2nd of December 2021, CISA and the FBI released a joint Cybersecurity advisory identifying active exploitation of the Zoho ManageEngine ServiceDesk Plus product suite.
Zoho ManageEngine identified active exploitation of their Desktop Central product suite on the 3rd of December 2021 in an advisory.
A patch already exists for the ServiceDesk Plus product suite due to an existing authentication bypass vulnerability that was made known and patchable on the 17th of September 2021 via a Zoho ManageEngine advisory.
Mitigation / How do I stay secure?
Australian organisations who utilise Zoho ManageEngine products should review Zoho's ManageEngine's security advisories below for a list of specific vulnerable products and versions.
Affected organisations should then review their patch status and update to the latest available version.
Additionally, Australian organisations using vulnerable Zoho ManageEngine products should make use of the Zoho ManageEngine exploit detection tool.
