Table of Contents
  • Home
    • /
  • Blog
    • /
  • How To Fix CVE-2021-44515- An Authentication Bypass Vulnerability In Desktop Central And Desktop Central MSP
Arun KL
December 6, 2021
|
4m

How To Fix CVE-2021-44515- An Authentication Bypass Vulnerability In Desktop Central And Desktop Central MSP

Application Security |

Cloud & OS Platforms |

Cyber Attacks |

Cyber Security |

Linux |

Mac |

Mobile |

Threats & Vulnerabilities |

Tutorials |

Vulnerabilities |

Windows

How To Fix Cve 2021 44515 An Authentication Bypass Vulnerability In Desktop Central And Desktop Central Msp

Zoho, an enterprise software provider belles about an authentication bypass vulnerability in its Desktop Central, and Desktop Central MSP is actively exploited in the wild. The flaw which is being tracked as CVE-2021-44515 allows an attacker to bypass authentication and execute arbitrary code in the affected products. Let’s see how to fix CVE-2021-44515 to protect your Desktop Central and Desktop Central MSP from being compromised.

Summary Of The CVE-2021-44515 An Authentication Bypass Vulnerability:

The vendor has concluded the severity of the vulnerability is Critical as it allows the attacker to bypass authentication and execute arbitrary code in Desktop Central and Desktop Central MSP servers.

Products Affected By An Authentication Bypass Vulnerability (CVE-2021-44515):

As per the report published on 3rd Dec 2021,  version builds less than 10.1.2127.17 and 10.1.2128.0 to 10.1.2137.2 are affected by the Authentication Bypass Vulnerability (CVE-2021-44515). It is recommended to upgrade the products to versions 10.1.2127.18 & 10.1.2137.3.

Fix Build:-
For Enterprise:
For builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
For builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3
For MSP:
For builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
For builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3

How To Validate Your Desktop Central Is Vulnerable To The CVE-2021-44515 Vulnerability?

The vendor has developed Exploit Detection Tool, which will tell you if your product is vulnerable to the authentication bypass vulnerability. Follow these steps in order to validate your product is vulnerable to the CVE-2021-44515 vulnerability:

  1. Download the Exploit Detection Tool to the server on which Desktop Central or Desktop Central MSP is installed.

  2. extract the Exploit detection Tool to either \ManageEngine\UEMS_CentralServer\bin folder or \ManageEngine\DesktopCentral_Server\bin folder whichever is applicable for you.

  3. Change the directory to either \ManageEngine\UEMS_CentralServer\bin folder or \ManageEngine\DesktopCentral_Server\bin folder.

  4. Run the command RCEScan.bat

  5. You will either see “Compromised” or “Not Compromised” as the output. As it clearly says that, If you see “Not Compromised,” your product is not vulnerable, your are safe, and no action is required, but if you see “Compromised,” then you should plan for upgradation to fix CVE-2021-44515, the authentication bypass vulnerability.

Image published at Desktop Central

How To Fix CVE-2021-44515- An Authentication Bypass Vulnerability In Desktop Central And Desktop Central MSP?

If your products are vulnerable, it is recommended to upgrade the products to version 10.1.2127.18 & 10.1.2137.3.

  1. Take the backup of all the critical business data with the Desktop Central database. We recommend taking the backup of snapshot if it is a VM or at least file backup in the case of a physical server.

  2. Format the disc or delete the VM.

  3. Build a new VM or install the operating system.

  4. Download and install the Desktop Central and Desktop Central MSP. Note: The build version of the new installation should be the same as that of the database backup.

    1. Download Desktop Central:

      1. 10.1.2127.18 or 10.1.2137.3

    2. Download Desktop Central MSP:

      1. 10.1.2127.18 or 10.1.2137.3

  5. Restore the backup and start the server.

    1. How to restore Desktop Central Server?

    2. How to restore Desktop Central MSP Server?

  6. After the data restoration, update the Desktop Central and Desktop Central MSP from their consoles.

    1. Update Desktop Central or Desktop Central MSP:

      1. Log in to your Desktop Central/Desktop Central MSP console.

      2. Click on your current build number in the top right corner.

      3. You can find the latest build. Download the PPM and update.

We hope this post would help you know How to Fix CVE-2021-44515- An authentication bypass vulnerability in Desktop Central and Desktop Central MSP. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this.

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Books

Books

Videos

Videos

Courses

Courses

Certifications

Certifications

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Cyber Security - Books

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe