CVE-2021-42955 : What You Need to Know

Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability that allows non-admin Windows users to reset the Admin account password.

Understanding CVE-2021-42955

This CVE involves an unauthorized password reset vulnerability in Zoho Remote Access Plus Server for Windows Desktop.

What is CVE-2021-42955?

The vulnerability in Zoho Remote Access Plus Server for Windows Desktop allows non-admin Windows users to reset the password of the Admin account due to a flawed password reset mechanism.

The Impact of CVE-2021-42955

The impact is rated as high severity with a CVSS base score of 7.3. The integrity impact is high, and confidentiality impact is none.

Technical Details of CVE-2021-42955

The technical details of this CVE are as follows:

Vulnerability Description

Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 has an unauthorized password reset vulnerability.

Affected Systems and Versions

Product: Not Applicable
Vendor: Not Applicable
Versions: Not Applicable

Exploitation Mechanism

Attack Complexity: Low
Attack Vector: Local
Availability Impact: Low
Privileges Required: Low
Scope: Changed
User Interaction: None

Mitigation and Prevention

Taking immediate steps and implementing long-term security practices are crucial to mitigate the risks associated with CVE-2021-42955.

Immediate Steps to Take

Update to version 10.1.2132 to fix the vulnerability.
Review and restrict access to the Remote Access Plus Server Admin account.
Monitor password reset activities carefully.

Long-Term Security Practices

Implement the principle of least privilege.
Regularly review and update security configurations.
Provide security awareness training to users.

Patching and Updates

Ensure that all systems are regularly updated with the latest patches and security fixes.