The FBI and CISA are warning of active exploitation of a newly patched flaw in Zoho’s product. The issue relates to an unauthenticated, remote code execution vulnerability affecting ServiceDesk Plus versions up to and including 11305. Zoho addressed the same flaw in versions 11306 and above on September 16, 2021. The attacks are believed to be orchestrated by a “persistent and determined APT actor” tracked by Microsoft under the moniker “DEV-0322,” an emerging threat cluster that Microsoft says is operating out of China.”]
Source: https://thehackernews.com/2021/12/cisa-warns-of-actively-exploited.html