ManageEngine ADSelfService Plus Users Beware of Remote Code Execution Vulnerability

CVE: CVE-2024-0252
CVSS (v3.1): 9.9
Source: CVE-2024-0252

ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution, has a high-severity remote code execution vulnerability in versions 6401 and below.

Hackers can exploit this flaw by sending specially crafted requests to the load balancer component. This may allow them to execute arbitrary code on systems where the affected versions of ADSelfService Plus are installed.

As ADSelfService Plus is used by many businesses to manage employee passwords and access to internal systems, a remote code execution vulnerability poses a serious risk. An attacker who gains RCE access could steal sensitive data, install malware, or disrupt normal operations.

The best way to protect yourself is to update to the latest version of ADSelfService Plus: versions 6402 and above contain the fix for this vulnerability. You should also ensure your load balancer configuration follows security best practices.

If updating is not possible, isolate the affected systems or contact ManageEngine support for mitigation advice. Monitor those systems closely for any unauthorized changes, and treat requests or files received from unknown sources with extra caution until the fix is applied.
