CVE-2021-44515: 
Zoho ManageEngine Desktop Central Server vulnerability analysis and mitigation

CVE-2021-44515 is a critical authentication bypass vulnerability discovered in Zoho ManageEngine Desktop Central and Desktop Central MSP that was actively exploited in December 2021. The vulnerability was identified and patched on December 3, 2021, affecting Enterprise builds 10.1.2127.17 and earlier, as well as MSP builds through version 10.1.2137.2 (ManageEngine Advisory, NVD).

The vulnerability allows attackers to bypass authentication protections by sending a specially crafted request to a vulnerable endpoint, potentially leading to unauthenticated remote code execution on the Desktop Central server. The vulnerability received a CVSS v3.1 base score of 9.8 CRITICAL (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NVD, Tenable Blog).

If successfully exploited, attackers can gain unauthorized access to the system and execute arbitrary code on the Desktop Central server. For MSP installations, compromise could lead to potential access to endpoints and networks of MSP's client organizations (Help Net Security).

Zoho released patches for affected versions and strongly advised customers to update their installations immediately. For Enterprise builds 10.1.2127.17 and earlier, users should upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. Similar upgrade paths were provided for MSP builds. Additionally, Zoho provided an Exploit Detection Tool to help customers identify if their installations were compromised (ManageEngine Advisory).