PT-2021-23701 · Zoho · Zoho Remote Access Plus Server

Published: 2021-11-17 · Updated: 2021-11-18 · CVE-2021-42956

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Zoho Remote Access Plus Server Windows Desktop Binary versions prior to 10.1.2132.6

Description: The issue is related to improper privilege management, allowing the process to launch as the logged-in user. This enables a non-admin user to perform a memory dump. An attacker can remotely exploit this to disclose sensitive information, including database connection strings, IT infrastructure details, commands executed by IT administrators (along with credentials), secrets, private keys, and more.

Recommendations: For versions prior to 10.1.2132.6, update to version 10.1.2132.6 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and limiting the privileges of non-admin users to minimize the risk of exploitation.

Exploit

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

CVE-2021-42956

Affected Products

Zoho Remote Access Plus Server