Abdullah Aljaber

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine Desktop Central versions prior to 10.0.282 Zoho ManageEngine Desktop Central agent versions prior to 10.0.470 **Description** A security issue was found in Zoho ManageEngine Desktop Central, where a clickable company logo in a window running as SYSTEM can be exploited to escalate privileges. **Recommendations** For versions prior to 10.0.282, update to version 10.0.282 or later to resolve the issue. For cloud agent versions prior to 10.0.470, update to agent version 10.0.470 or later to fix the issue.

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine Desktop Central versions prior to 10.0.282 Zoho ManageEngine Desktop Central agent versions prior to 10.0.470 **Description** An issue in the Self Service Portal of Zoho ManageEngine Desktop Central allows a clickable company logo in a window running as SYSTEM to be abused for privilege escalation. **Recommendations** For versions prior to 10.0.282, update to version 10.0.282 or later to resolve the issue. For cloud agent versions prior to 10.0.470, update to agent version 10.0.470 or later to resolve the issue.