
Andrea Ghelli

#33192 of 53,635
7.8 Total CVSS
Vulnerabilities · 1
PT-2021-12847
7.8
2021-03-18
Zoho · Zoho Manageengine Desktop Central · CVE-2020-9367
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Desktop Central MSP version 10.0.486

Description: The issue is related to DLL Hijacking, where `dcinventory.exe` and `dcconfig.exe` attempt to load `CSUNSAPI.dll` without providing a complete path. This is problematic because the DLL is missing from the installation, allowing for potential DLL hijacking and code injection, which could lead to an escalation of privilege to NT AUTHORITY\SYSTEM.

Recommendations: For version 10.0.486, consider disabling the `dcinventory.exe` and `dcconfig.exe` executables as a temporary workaround until a patch is available. Restrict access to these executables to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.