Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities (KEV) Catalog. The details of in-the-wild exploitation of the flaw aren’t available – though, according to data collected by Greynoise, exploitation attempts don’t seem widespread. About CVE-2022-35405 CVE-2022-35405 is a remote code execution vulnerability that can be exploited to execute arbitrary code on … More

The post Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405) appeared first on Help Net Security.

Leer másHelp Net Security

Leave a Reply

Your email address will not be published.