Zoho fixed a new critical severity flaw, tracked as CVE-2021-44757, that affects its Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions.
The Zoho ManageEngine Desktop Central endpoint management solution helps organizations in managing servers, laptops, desktops, smartphones, and tablets from a central location.
The issue is an authentication bypass vulnerability, a remote attacker can exploit to perform unauthorized actions in the server.
An authentication bypass vulnerability that can allow a remote user to perform unauthorized actions in the server.If exploited, this vulnerability may allow an attacker to read unauthorized data or write an arbitrary zip file on the server.
The company recommends customers to follow the security hardening guidelines for Desktop Central and Desktop Central MSP to secure their installs.