← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-47966 — Actively Exploited: ManageEngine (Zoho)

Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.

CVE IDCVE-2022-47966
VendorZoho
ProductManageEngine
Vulnerability nameZoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Date added2023-01-23
Remediation due2023-02-13
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionMultiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →