Multiple vulnerabilities in Zoho ManageEngine Desktop Central



Published: 2020-07-27 | Updated: 2020-10-10
Risk High
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2020-15588
CVE-2020-15589
CWE-ID CWE-190
CWE-287
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe
Zoho ManageEngine Desktop Central
Universal components / Libraries / Software for developers

Vendor Zoho Corporation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

Updated: 10.10.2020

Updated description of vulnerabilities with additional information, raised severity level for vulnerability #2.

1) Integer overflow

EUVDB-ID: #VU31932

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-15588

CWE-ID: CWE-190 - Integer overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within InternetSendRequestEx() or InternetSendRequestByBitrate() functions in the client application when processing responses from the server. A remote attacker can send specially crafted response to port 8383/TCP, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoho ManageEngine Desktop Central: 10.0.500 - 10.0.555

External links

http://www.manageengine.com/products/desktop-central/hotfix-readme1.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Authentication

EUVDB-ID: #VU31933

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-15589

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in agent-server communication in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate functions within the client application. An attacker controlled server can force the client application to skip TLS certificate validation and perform a MitM attack or compromise the affected system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Zoho ManageEngine Desktop Central: 10.0.500 - 10.0.555

External links

http://www.manageengine.com/products/desktop-central/hotfix-readme1.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###