H3-2022-0011

Zoho ManageEngine ADAudit Plus Remote Code Execution Vulnerability

Category VULNERABILITY
Base Score 10.0

Description

Zoho ManageEngine ADAudit Plus is affected by multiple vulnerabilities that, when used in combination, allow remote unauthenticated attackers to achieve remote code execution with the privileges of the ADAudit Plus application.

Impact

Remote unauthenticated attackers can execute arbitrary commands on the vulnerable target. Attackers can decrypt the contents of the ADAudit Plus database, which is likely to contain highly privileged Windows domain user credentials in cleartext.

References