First published: 05 Dec 2021
Last updated: 08 Dec 2021

Content written for

Small & medium business
Large organisations & infrastructure
Government

Background /What has happened?

Malicious actors have attempted to use Zoho ManageEngine vulnerabilities in the past to target Australian organisations.

On the 2nd of December 2021, CISA and the FBI released a joint Cybersecurity advisory identifying active exploitation of the Zoho ManageEngine ServiceDesk Plus product suite.

Zoho ManageEngine identified active exploitation of their Desktop Central product suite on the 3rd of December 2021 in an advisory.

A patch already exists for the ServiceDesk Plus product suite due to an existing authentication bypass vulnerability that was made known and patchable on the 17th of September 2021 via a Zoho ManageEngine advisory.

Mitigation / How do I stay secure?

Australian organisations who utilise Zoho ManageEngine products should review Zoho’s ManageEngine’s security advisories below for a list of specific vulnerable products and versions.

Affected organisations should then review their patch status and update to the latest available version.

Additionally, Australian organisations using vulnerable Zoho ManageEngine products should make use of the Zoho ManageEngine exploit detection tool.

Assistance / Where can I go for help?

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ASD’s ACSC via 1300 CYBER1 (1300 292 371).

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it