CVE-2021-44650 : What You Need to Know

Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.

Understanding CVE-2021-44650

This CVE highlights a vulnerability in Zoho ManageEngine M365 Manager Plus that enables remote command execution through certain components.

What is CVE-2021-44650?

The CVE-2021-44650 vulnerability allows attackers to execute commands remotely by exploiting the proxy settings update functionality in Zoho ManageEngine M365 Manager Plus before Build 4419.

The Impact of CVE-2021-44650

This vulnerability can lead to unauthorized remote code execution, potentially compromising the security and integrity of the affected systems.

Technical Details of CVE-2021-44650

CVE-2021-44650 involves the following technical details:

Vulnerability Description

Remote code execution vulnerability in Zoho ManageEngine M365 Manager Plus
Exploitable through the Admin ProxySettings and Tenant ProxySettings components

Affected Systems and Versions

Product: Zoho ManageEngine M365 Manager Plus
Version: Before Build 4419

Exploitation Mechanism

Attackers can exploit the vulnerability by manipulating proxy settings through the affected components to execute commands remotely.

Mitigation and Prevention

It is crucial to take immediate action to mitigate the CVE-2021-44650 vulnerability:

Immediate Steps to Take

Update Zoho ManageEngine M365 Manager Plus to Build 4419 or later
Monitor and restrict network access to the vulnerable components
Implement strong authentication mechanisms

Long-Term Security Practices

Conduct regular security assessments and audits
Educate users on safe computing practices

Patching and Updates

Stay informed about security updates and patches from Zoho ManageEngine
Apply patches promptly to ensure protection against known vulnerabilities.