CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
93.5%
p100
KEV
YES
Dec 1, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
93.5%EPSS · 30 days93.5%
2026-06-302026-07-16
Product
Zoho / ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus
Vulnerability
Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability
Added to KEV
Dec 1, 2021
Remediate by
Dec 15, 2021
Known ransomware use
No
Summary description
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-44077
No related CVEs by CWE or product.