CVE-2020-8838 is a vulnerability in Zoho Corp Manageengine Assetexplorer
Published on March 23, 2020

An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by providing an arbitrary executable via a man-in-the-middle attack.

NVD

Products Associated with CVE-2020-8838

Want to know whenever a new CVE is published for Zoho Corp Manageengine Assetexplorer? stack.watch will email you.

Zoho Corp Manageengine Assetexplorer

Exploit Probability

EPSS

0.33%

Percentile

55.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-8838 is a vulnerability in Zoho Corp Manageengine AssetexplorerPublished on March 23, 2020

Products Associated with CVE-2020-8838

Exploit Probability

CVE-2020-8838 is a vulnerability in Zoho Corp Manageengine Assetexplorer
Published on March 23, 2020