In a new joint security advisory, the FBI, CISA and the Coast Guard Cyber Command (CGCYBER) warn companies that state-backed Advanced Persistent Threat (APT) groups are actively exploiting a critical vulnerability in Zoho software.

The vulnerability, tracked as CVE-2021-40539, was found in Zoho's ManageEngine ADSelfService Plus software, which provides single sign-on and password management capabilities. If successfully exploited, the flaw can allow an attacker to take over vulnerable systems on a corporate network.

This new joint advisory follows a similar warning issued recently by CISA that a security flaw in Zoho's software, which can be exploited to achieve remote code execution, is being actively exploited in the wild.

CISA gave further details on how threat actors are exploiting the vulnerability in the joint advisory with the FBI and CGCYBER, saying:

"The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, US-cleared defense contractors, academic institutions and other entities that use the software. Successful exploitation of the vulnerability allows an attacker to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files."

Lateral movement

Once the authentication bypass vulnerability in ManageEngine ADSelfService had been exploited, the attackers used it to deploy JavaServer Pages (JSP) web shells disguised as an X509 certificate.

Using this web shell, the attackers can move laterally across the network using Windows Management Instrumentation (WMI) to reach domain controllers and dump the NTDS.dit and SECURITY/SYSTEM registry hives, according to a new report from BleepingComputer.
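A defender-side check for the disguise described above, as an added example that is not taken from the advisory or from Zoho: it flags certificate-named files that contain JSP tags or that do not have the structure of a certificate. The extension list, the function names and the sample bytes are assumptions constructed for illustration, and the DER test is structural only, not a full X.509 parse.

```python
import base64
import re
from pathlib import Path

CERT_EXTS = {".cer", ".crt", ".pem", ".der"}  # assumed set of certificate file extensions
JSP_MARKERS = (b"<%", b"<jsp:")               # JSP scriptlet/directive and action tags
PEM_RE = re.compile(rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def looks_like_der(data: bytes) -> bool:
    """Loose check: a DER certificate is one ASN.1 SEQUENCE spanning the whole input."""
    if len(data) < 4 or data[0] != 0x30:
        return False
    if data[1] < 0x80:                        # short-form length
        return 2 + data[1] == len(data)
    n = data[1] & 0x7F                        # long form: n length bytes follow
    if not 1 <= n <= 4 or len(data) < 2 + n:
        return False
    return 2 + n + int.from_bytes(data[2:2 + n], "big") == len(data)

def classify(data: bytes) -> str:
    """Return 'ok', 'jsp-marker' or 'not-a-certificate' for one file's bytes."""
    if looks_like_der(data):
        return "ok"
    if any(marker in data for marker in JSP_MARKERS):
        return "jsp-marker"
    match = PEM_RE.search(data)
    if match:
        try:
            body = base64.b64decode(b"".join(match.group(1).split()), validate=True)
        except ValueError:                    # binascii.Error subclasses ValueError
            return "not-a-certificate"
        return "ok" if looks_like_der(body) else "not-a-certificate"
    return "not-a-certificate"

def scan(root) -> dict:
    """Map certificate-named files under root to a finding; clean files are omitted."""
    verdicts = {p.name: classify(p.read_bytes()) for p in Path(root).rglob("*")
                if p.is_file() and p.suffix.lower() in CERT_EXTS}
    return {name: v for name, v in verdicts.items() if v != "ok"}

# Constructed samples: a DER-shaped blob (not a real certificate) and a harmless JSP page.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(256)
SAMPLE_JSP = b'<%@ page language="java" %>\n<% out.print(1); %>'

if __name__ == "__main__":
    print(classify(SAMPLE_DER), classify(SAMPLE_JSP))
```

Point `scan()` at the directories the web application can write to; any hit is a lead for review against the indicators in the advisory, not a verdict on its own.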

It is worth noting that the APT groups exploiting this vulnerability in the wild have launched attacks against organizations in multiple sectors, including education, defense, transportation, information technology, manufacturing, communications, logistics, security and finance.

Organizations that use Zoho ManageEngine ADSelfService should update their software to the latest version, released earlier this month, which contains a patch for CVE-2021-40539. The FBI, CISA and CGCYBER also recommend that organizations make sure ADSelfService Plus is not directly accessible from the internet, to prevent attacks that exploit this vulnerability.

Via BleepingComputer
