CVE-2025-41444: 
Zoho ManageEngine ADAudit Plus vulnerability analysis and mitigation

Zohocorp ManageEngine ADAudit Plus versions 8510 and prior contain an SQL injection vulnerability (CVE-2025-41444) in the alerts module. The vulnerability was discovered internally and fixed in build 8511, released on May 09, 2025. This security issue affects the alerts module of ADAudit Plus, a widely-used Active Directory auditing solution (NVD, ManageEngine).

The vulnerability is classified as an SQL injection flaw (CWE-89) that exists within the alerts module of ADAudit Plus. The severity is rated as HIGH with a CVSS v3.1 base score of 8.3, and vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L. This indicates that the vulnerability requires low attack complexity and can be exploited over the network by an authenticated user with no user interaction required (NVD).

The vulnerability allows an authenticated adversary to execute custom queries and access the database table entries using the vulnerable request. Given the high CVSS score and the nature of SQL injection vulnerabilities, this could potentially lead to unauthorized access to sensitive data stored in the database, manipulation of database contents, and potential compromise of the system's integrity (ManageEngine).

Organizations using affected versions of ADAudit Plus should immediately upgrade to build 8511 or later using the service pack. This build contains the fix for the SQL injection vulnerability (ManageEngine).