Cybersecurity researchers from the Horizon3 Attack Team have announced plans to release a proof-of-concept (PoC) exploit for a critical vulnerability discovered in a number of VMware products.
Having a PoC released means cybercriminals will get an easy explanation of how to exploit a flaw, which could result in a strong rise in successful breaches.
The flaw in question is tracked as CVE-2022-47966, a vulnerability that allows threat actors to remotely execute code in ManageEngine servers that have had the SAML-based single-sign-on (SSO) enabled at some point in the past (so turning the feature off will solve nothing). The vulnerable endpoints are using an outdated third-party dependency called Apache Santuario, the researchers said, adding that the attackers need not authenticate in order to run the code remotely.
“The vulnerability is easy to exploit and a good candidate for attackers to ‘spray and pray’ across the Internet. This vulnerability allows for remote code execution as NT AUTHORITY\SYSTEM, essentially giving an attacker complete control over the system,” the researchers warned.
“If a user determines they have been compromised, additional investigation is required to determine any damage an attacker has done. Once an attacker has SYSTEM level access to the endpoint, attackers are likely to begin dumping credentials via LSASS or leverage existing public tooling to access stored application credentials to conduct lateral movement.”
Although almost all ManageEngine products are vulnerable to the flaw, parent company Zoho was said to have already released a patch.
Using Shodan to search for unpatched endpoints, the researchers found “thousands” of vulnerable ManageEngine products, instances of ServiceDesk Plus and Endpoint Central.
Right now, there are no reports of CVE-2022-47966 being exploited in the wild, but if IT admins don’t patch the vulnerability on time, we can expect such reports to start pouring in sooner rather than later.
"*" indicates required fields
Software Asset Management is a business practice that involves managing and optimising the life cycle of software within an organisation.
Software asset management is relevant to many facets of a business - take a look at some of the roles that it can form part of the focus of.
Software vendors come in all shape and sizes - all with their own set of licensing models and rules. We take a look at just a few of them.
As a constantly evolving subject, SAM is not without its challenges. We take a look at some of the most common ones.
Wondering what an investment in SAM could do for your business? Fill out a few details and find out what return you could get!
Answer a few questions about your SAM infrastructure & experience, and we'll put together a personalised recommendation for the future.
A simple health check of what's being used across your Office 365 estate in this FREE, Microsoft backed and easy to setup review.
Just like you would with your vehicle each year, get an annual check up of your software asset management programme.
Overwhelmed by the task of documenting the steps for a successful SAM programme? Get the experts in to help!
Concerned your SAM tools aren't covering your whole estate? Or on the look out for an entirely new tool? Get us in to assist.
Not content with covering all things SAM related, we've teamed up with Capital to provide a comprehensive hardware asset management review.
A simple, one-time reconciliation of the software you have deployed versus the licence entitlement you own.
A regularly scheduled analysis of your organisation's estate, specifically adapted to your needs and budget.
A full appraisal of your Microsoft 365 setup and how best to optimise it through automated recommendations.
An add-on to our SAMplicity One, MOT and Plus offerings, quickly diagnose your ability to migrate your resources to the cloud.
In collaboration with law firm Addleshaw Goddard, ensure the legality of your SAM programme and get assistance with any contract disputes.
Available as standard with SAMplicity Plus, ensure you're compliant if you're unexpectedly audited by a vendor.
We've teamed up with some of the forefront experts in licensing knowledge so you can teach yourself to be an expert too.
Stumped by the continually evolving complexities of SAM? Join us for one of our comprehensive courses, either in-person or online.
It’s chock full of useful advice, exclusive events and interesting articles. Don’t miss out!