CVE-2021-42956

HIGH

Zoho Manageengine Remote Access Plus Server < 10.1.2132.6 - Improper Privilege Management

Title source: rule

Description

Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.2132.6 is affected by a sensitive information disclosure vulnerability. Due to improper privilege management, the process launches as the logged in user, so memory dump can be done by non-admin also. Remotely, an attacker can dump all sensitive information including DB Connection string, entire IT infrastructure details, commands executed by IT admin including credentials, secrets, private keys and more.

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://medium.com/nestedif/vulnerability-disclosure-sensitive-info-leakage-agent-memory-dump-zoho-r-a-p-3d5ebc8928af

Scores

CVSS v3 7.8

EPSS 0.0064

EPSS Percentile 46.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Products (1)

zoho/manageengine_remote_access_plus_server < 10.1.2132.6

Published Nov 17, 2021

Tracked Since Feb 18, 2026