CVE-2022-28219 Cewolf in Zoho ManageEngine ADAudit Plus is vulnerable to an XXE attack that leads to RCE.

It is recommended that you upgrade your Zoho ManageEngine ADAudit Plus installation to version 7060 as soon as possible. This update fixes the XXE vulnerability and prevents it from being exploited. Installing the update requires access to the system where the application is installed; see the Prerequisites section below for the options available if you do not have that access yourself.

Prerequisites

- You need to have access to the system where the application is installed.
- If you are the system administrator, you can assign the necessary permissions to the end user or contractor. If you are not in a position to do so, our ADM facility allows you to push application updates to the managed applications in your infrastructure.

How to install the update

To install the update, follow these steps:
1. In Zoho ManageEngine ADAudit Plus, click on the "Help" tab and then on the "Check for updates" button.
2. Choose your language version from the drop-down menu.
3. The system will check for updates in each of the monitored languages and then report the status.
4. If there is an update available, click on "Download Update". Click on "Download Update" again to continue downloading it after it has been downloaded successfully.

Installing Zoho ADM to Update Zoho ManageEngine ADAudit Plus

The ADM software is used by a single user to manage multiple applications. The application is installed on the server, where a single user can run the software. The administrator can then distribute the appropriate configurations with complete privileges to any number of end users or contractors. Once the ADM role is created and assigned, it will be made available in your Zoho ManageEngine ADAudit Plus installation. To install the update, navigate to System > Application Management > Installation > Update Zoho ManageEngine ADAudit Plus from zoho.

ADM Step: Install update from publisher

In order to install this update, make sure you have access to the system where the application is installed.
1. In ADM, select the application that needs an update and click on Edit Application Settings.
2. Click on Install Update from Publisher >> Apply Changes >> OK.
3. Once the update has been applied successfully, click on Close Application Management to close the window. For more information about ADM, refer to this article: https://www.zoho.com/help/article/70--ADM-Step-Install-update-from-publisher

What's Changed in Zoho ManageEngine ADAudit Plus 7060?

The vulnerability described in CVE-2022-28219 has been fixed in Zoho ManageEngine ADAudit Plus 7060. When a user opens the application, they will see a dialog informing them that the update is required. Users can choose to upgrade at their convenience; for administrators who have been assigned the necessary permissions, the update is installed automatically.
If you're not on version 7060 yet, please update as soon as possible to avoid exploitation of this vulnerability.

Timeline

Published on: 04/05/2022 19:15:00 UTC
Last modified on: 08/08/2022 19:15:00 UTC
