CVE-2021-44077: 
Zoho ManageEngine ServiceDesk Plus vulnerability analysis and mitigation

CVE-2021-44077 is an unauthenticated remote code execution (RCE) vulnerability affecting Zoho ManageEngine ServiceDesk Plus before version 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014. The vulnerability was discovered and disclosed on September 16, 2021, and is related to /RestAPI URLs in a servlet and ImportTechnicians in the Struts configuration (ManageEngine Advisory).

The vulnerability allows an unauthenticated attacker to execute arbitrary code on affected systems. The issue specifically involves the /RestAPI URLs in a servlet and ImportTechnicians functionality in the Struts configuration. The vulnerability has been rated as critical by ManageEngine, and exploitation can lead to complete system compromise with SYSTEM level privileges (Rapid7).

The vulnerability enables attackers to execute arbitrary code with SYSTEM privileges on affected systems, potentially leading to complete compromise of the ServiceDesk Plus installation. Active exploitation by cyberthreat actors has been observed in the wild (ManageEngine Advisory).

ManageEngine has released patches to address this vulnerability. Users are strongly advised to upgrade to ServiceDesk Plus version 11306 or later, ServiceDesk Plus MSP version 10530 or later, and SupportCenter Plus version 11014 or later. For users unable to update immediately, ManageEngine has provided a detection tool to identify potential compromises and detailed steps for migrating to a new server installation (ManageEngine Advisory).