CVE-2022-35405
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
99.9%
p100
KEV
SÍ
22 sept 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
99.9%EPSS · 30 días99.9%
2026-06-302026-07-16
Producto
Zoho / ManageEngine
Vulnerabilidad
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Añadido a KEV
22 sept 2022
Remediar antes de
13 oct 2022
Uso conocido en ransomware
No
Descripción resumida
Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allows for remote code execution.
Acción requerida
Apply updates per vendor instructions.
Notas
https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-35405.html; https://nvd.nist.gov/vuln/detail/CVE-2022-35405
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2022-47966—100.0%
KEV—80Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability—CVE-2020-10189—100.0%
KEV—80Zoho ManageEngine Desktop Central File Upload Vulnerability—CVE-2021-40539—99.9%
KEV—80Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability—CVE-2022-28810—99.3%
KEV—80Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability—CVE-2019-8394—99.1%
KEV—80Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability—