CVE-2023-35785 : What You Need to Know
Learn about CVE-2023-35785 affecting Zoho ManageEngine products and the risk of 2FA bypass. Find out the impact, affected versions, and mitigation steps.
Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14204 and below and 143xx 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below, and Support Center Plus 14300 and below are vulnerable to 2FA bypass via a few TOTP authenticators. Note: A valid pair of username and password is required to leverage this vulnerability.
Understanding CVE-2023-35785
This CVE affects various ManageEngine products and allows for 2FA bypass via specific TOTP authenticators.
What is CVE-2023-35785?
CVE-2023-35785 is a vulnerability present in multiple ManageEngine products that could be exploited to bypass 2-factor authentication using certain TOTP authenticators.
The Impact of CVE-2023-35785
The vulnerability in Zoho ManageEngine products could potentially lead to unauthorized access if exploited, compromising the security of the affected systems.
Technical Details of CVE-2023-35785
This section provides more insight into the vulnerability specifics.
Vulnerability Description
The vulnerability allows for the bypass of 2-factor authentication through specific TOTP authenticators in Zoho ManageEngine products.
Affected Systems and Versions
Zoho ManageEngine Active Directory 360 versions 4315 and below and other specified versions of various products are affected by this vulnerability.
Exploitation Mechanism
To exploit this CVE, an attacker would need a valid pair of username and password to bypass the 2-factor authentication.
Mitigation and Prevention
Discover the steps to mitigate and prevent exploitation of this vulnerability.
Immediate Steps to Take
Users are advised to follow immediate security measures to safeguard their systems.
Long-Term Security Practices
Establishing long-term security practices can enhance the overall security posture of the systems.
Patching and Updates
Regularly applying patches and updates from ManageEngine is crucial to protect against this vulnerability.