Overview
Zoho ManageEngine Desktop Central is a unified endpoint management solution that allows for the remote management of servers, desktops, laptops, smartphones, and tablets. It allows organizations to automate patch management, software deployments, and provides remote desktop capabilities.
| Delivery | Software |
| Category | Monitoring |
| Function | Unified Endpoint Management |
| Manufacturer | Zoho |
| Prevalence | Low |
Notable Details
- Central IT asset management software is a high value target for malicious actors as it provides access to a broad range of capabilities to allow them to infiltrate a network and move laterally across the network to other devices.
- Zero-day Remote Code Execution (RCE) vulnerability released on March 5, 2020 impacting the Zoho technology.
- Open source intelligence from FireEye suggests that APT41 cyber espionage actors are actively leveraging this vulnerability in the wild.
Visibility
- PassiveTotal Internet Observations
- Digital Footprint Observations
Recent Vulnerabilities
- CVE-2020-10189––https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10189
Detection
RiskIQ detects Zoho ManageEngine Desktop Central by crawling the Internet using “virtual users”. These virtual users interact with web pages like a normal user, but as they browse, they also collect all observed information. This includes the web page body, changes, headers, cookies and relationships. RiskIQ performs billions of web requests per day amounting to terabytes of observations.
Trending
Current Visibility: 3,424 Total IP addresses
