General Advisory: ManageEngine ADSelfService Plus Vulnerability

ManageEngine has released an important security update for ADSelfService Plus to fix a Remote Code Execution (RCE) vulnerability being tracked as CVE-2021-40539.

This vulnerability is known to be exploited in the wild.

System administrators are urged to apply updates immediately to avoid potential exploitation.

Important links:
CISA Alert: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus/a>
ADSelfService Plus 6114 Security Fix Release Notes