Zoho Releases Security Update for ADSelfService Plus

ID CISA:01AC83B2C29761024423083A8BE9CE80
Type cisa
Reporter CISA
Modified 2021-09-08T00:00:00


Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for Active Directory and cloud apps. Additionally, CISA strongly urges organizations ensure ADSelfService Plus is not directly accessible from the internet.

CISA encourages users and administrators to review the Zoho advisory for more information and to update to ADSelfService Plus build 6114.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.