On March 5th, a functional exploit for an unpatched vulnerability in ManageEngine Desktop Central was published by security researcher Steven Seely. The exploit allows attackers to upload files and remotely run commands with SYSTEM permissions, without any authentication required. Desktop Central is a Zoho product used for endpoint management that Managed Service Providers (MSPs) use frequently. The exploit could allow attackers to gain complete control of servers that are connected to the Internet or move laterally to internal servers from an initial compromise of a workstation. A search on Shodan revealed approximately 2,300 publicly exposed Desktop Central servers that could be targeted.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.