Security Researchers Reveal Activity Targeting ManageEngine ADSelfService Plus

Last Revised

On September 16, CISA released a joint alert on exploitation of a vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus. On November 8, security researchers from Palo Alto Networks and Microsoft Threat Intelligence Center (MSTIC) released separate reports on targeted attacks against ManageEngine ADSelfService Plus.  

CISA encourages organizations to review the indicators of compromise and other technical details in the following reports to uncover any malicious activity within their networks.

This product is provided subject to this Notification and this Privacy & Use policy.