
Zoho ManageEngine Desktop Central 10 Deserialization Vulnerability Could Lead to Remote Code Execution


The Tenable Security Response Team (SRT) published a security advisory for a recently disclosed and patched flaw in Zoho ManageEngine Desktop Central 10. The flaw was discovered by Steven Seeley of Source Incite, who tweeted an advisory [advisory link] for the vulnerability on March 5, including a proof-of-concept (PoC). At the time, no CVE identifier had been assigned to the flaw and no patch was available. Since the disclosure on Twitter, the flaw has been assigned CVE-2020-10189, and Zoho released a patch for it in build 10.0.479 on March 6.
According to Seeley, the flaw “exists within the FileStorage class”, which does not properly validate user-supplied data, resulting in the deserialization of untrusted data. An unauthenticated, remote attacker could use this vulnerability to “execute code under the context of SYSTEM.”
CVE-2020-10189 is an untrusted deserialization vulnerability in Zoho ManageEngine Desktop Central. The vulnerability stems from improper input validation in the FileStorage class. According to Seeley, an unauthenticated, remote attacker can abuse the lack of validation in the FileStorage class to upload a malicious file containing a serialized payload onto the vulnerable Desktop Central host. To trigger the untrusted deserialization, the attacker would then need to make a subsequent request for the file uploaded onto the vulnerable host. This would grant the attacker arbitrary code execution with SYSTEM/root privileges. For more detail, please refer to the proof-of-concept section, which contains Seeley’s detailed breakdown of the vulnerability.
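The defensive point behind Seeley's description, that an application must not run readObject on a file an unauthenticated user could have uploaded, shown as an added Java example that is not Desktop Central's code (Desktop Central is a Java application, but the class and record names below are hypothetical): the unchecked load beside a JEP 290 allow-list filter, demonstrated on a constructed serialized HashMap that the filter rejects.

```java
import java.io.*;
import java.nio.file.*;
import java.util.HashMap;

// Hypothetical handler for a previously uploaded file; it is not Desktop
// Central's FileStorage code, only an illustration of the same bug class.
public class UploadDeserializer {

    // VULNERABLE: deserializes whatever the uploaded file contains. Any
    // serializable class on the classpath may be instantiated, so an
    // attacker-controlled stream decides which classes get constructed.
    static Object loadUnsafe(Path uploaded) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(Files.newInputStream(uploaded))) {
            return in.readObject();
        }
    }

    // HARDENED: a JEP 290 deserialization filter (Java 9+) that allows only
    // the types the application expects and rejects everything else, with
    // depth and array-size limits against resource-exhaustion streams.
    // com.example.FileMetadata is a placeholder for the app's own record type.
    static Object loadFiltered(Path uploaded) throws IOException, ClassNotFoundException {
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
                "com.example.FileMetadata;java.lang.String;maxdepth=5;maxarray=1000;!*");
        try (ObjectInputStream in = new ObjectInputStream(Files.newInputStream(uploaded))) {
            in.setObjectInputFilter(filter);
            return in.readObject(); // InvalidClassException for any rejected class
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a plain HashMap stands in for an unexpected type
        // arriving in an upload. It is harmless and not an exploit payload.
        Path tmp = Files.createTempFile("upload", ".ser");
        try (ObjectOutputStream out = new ObjectOutputStream(Files.newOutputStream(tmp))) {
            out.writeObject(new HashMap<String, String>());
        }
        System.out.println("unfiltered: accepted " + loadUnsafe(tmp).getClass().getName());
        try {
            loadFiltered(tmp);
        } catch (InvalidClassException e) {
            System.out.println("filtered: rejected (" + e.getMessage() + ")");
        }
        Files.delete(tmp);
    }
}
```

The same allow-list can be applied process-wide with the `jdk.serialFilter` system property, which is the quicker mitigation for a deployed application whose deserialization call sites you do not control.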

SMEStreet Desk

SMEStreet is a fast-growing platform dedicated to entrepreneurs from small and medium-sized enterprises (SMEs). Committed to facilitating knowledge and networking for business growth, SMEStreet offers value-added content that reflects the actual voice of Indian MSMEs.
