ManageEngine has released an important security update for ADSelfService Plus to fix a Remote Code Execution (RCE) vulnerability being tracked as CVE-2021-40539.
This vulnerability is known to be exploited in the wild.
System administrators are urged to apply updates immediately to avoid potential exploitation.
CISA Alert: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus/a>
ADSelfService Plus 6114 Security Fix Release Notes