Theguly

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine OpManager versions 11 through 12.2 **Description** The issue concerns the custom encryption algorithm used to protect credentials for accessing monitored devices. This algorithm lacks a per-system key or salt, making it possible to create a universal decryptor. **Recommendations** For versions 11 through 12.2, consider disabling the custom encryption algorithm until a secure alternative is implemented. Restrict access to monitored devices to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.