Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets.
Published 2020-03-06 17:15:12
Updated 2022-10-07 13:42:18
Source MITRE
View at NVD, CVE.org
Vulnerability category: Execute code

CVE-2020-10189 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Zoho ManageEngine Desktop Central File Upload Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.
Added on 2021-11-03; action due date 2022-05-03

Exploit prediction scoring system (EPSS) score for CVE-2020-10189

97.21%  Probability of exploitation activity in the next 30 days
~100%   Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2020-10189

  • ManageEngine Desktop Central Java Deserialization
    Disclosure Date: 2020-03-05
    First seen: 2020-04-26
    exploit/windows/http/desktopcentral_deserialization
    This module exploits a Java deserialization vulnerability in the getChartImage() method from the FileStorage class within ManageEngine Desktop Central versions < 10.0.474. Tested against 10.0.465 x64. Quoting the vendor's advisory on fixed versions:

CVSS scores for CVE-2020-10189

Base Score  Base Severity  CVSS Vector                                    Exploitability Score  Impact Score  Score Source  First Seen
10.0        HIGH           AV:N/AC:L/Au:N/C:C/I:C/A:C                     10.0                  10.0          NIST
9.8         CRITICAL       CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H   3.9                   5.9           MITRE
9.8         CRITICAL       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H   3.9                   5.9           NIST

CWE ids for CVE-2020-10189

References for CVE-2020-10189

Products affected by CVE-2020-10189
