PT-2022-7140 · Zoho · Zoho Manageengine Device Control Plus

Published

2022-12-19

·

Updated

2024-08-03

·

CVE-2022-47577

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Zoho ManageEngine Device Control Plus version 10.1.2228.15

Description

An issue in the endpoint protection agent of Zoho ManageEngine Device Control Plus allows a local user to bypass the USB restrictions enforced by the agent by using a virtual machine (VM): files can be moved in and out of the system through the VM without the transfer being recorded in the Windows event audit trail. Any local user can do this, including one without administrative rights (the CVSS vector is local, low-privilege, no user interaction). The root cause is insufficient access control.

Recommendations

For Zoho ManageEngine Device Control Plus version 10.1.2228.15, as a temporary workaround, prevent non-admin users from creating virtual machines (VMs) and restrict VM creation to authorized personnel until a fix is available. At the time of writing there is no information about a release that fixes this vulnerability.
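The following PowerShell script is an added example of how an administrator could audit and enforce the workaround above on a Windows endpoint; it is not code from the advisory or from Zoho. It assumes the endpoint's hypervisor is the built-in Hyper-V role, so that "VM creation by non-admin users" maps to membership of the local "Hyper-V Administrators" group, and it treats accounts that are also local Administrators as authorized. For third-party hypervisors (VMware Workstation, VirtualBox and similar) there is no equivalent local group, so the script only reports whether such software appears to be installed; the product-name patterns used for that check are an assumption.

```powershell
# Added example (not part of the PT-2022-7140 advisory or of Zoho's product):
# audit and, with -Enforce, apply the workaround "no VM creation by non-admin users"
# on a Windows endpoint running the Device Control Plus agent. Run elevated.
#
# Assumption: Hyper-V is the hypervisor, so VM creation rights == membership of the
# local "Hyper-V Administrators" group. Accounts that are also local Administrators
# are treated as authorized personnel and left alone.
[CmdletBinding()]
param(
    # Default is audit-only; -Enforce removes the offending memberships.
    [switch]$Enforce
)

function Get-HyperVAdminsWithoutLocalAdmin {
    $hvGroup = 'Hyper-V Administrators'
    try {
        $hvMembers = Get-LocalGroupMember -Group $hvGroup -ErrorAction Stop
    } catch {
        Write-Verbose "Local group '$hvGroup' not found; the Hyper-V role is probably absent."
        return @()
    }
    # Compare by SID string rather than by name so renamed and domain accounts match correctly.
    $adminSids = Get-LocalGroupMember -Group 'Administrators' | ForEach-Object { $_.SID.Value }
    $hvMembers | Where-Object { $adminSids -notcontains $_.SID.Value }
}

function Get-ThirdPartyHypervisors {
    # Display-name substrings to look for in the uninstall registry keys (assumption).
    $patterns = 'VMware Workstation', 'VMware Player', 'VirtualBox', 'QEMU', 'Parallels'
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object {
            $dn = $_.DisplayName
            $dn -and ($patterns | Where-Object { $dn -like "*$_*" })
        } |
        Select-Object DisplayName, DisplayVersion
}

# 1. Is the Hyper-V role even enabled on this host?
$hyperV = Get-WindowsOptionalFeature -Online -FeatureName 'Microsoft-Hyper-V-All' -ErrorAction SilentlyContinue
if ($hyperV -and $hyperV.State -eq 'Enabled') { 'Hyper-V role: enabled' } else { 'Hyper-V role: not enabled' }

# 2. Non-admin accounts that can create Hyper-V VMs, reported or removed.
foreach ($m in Get-HyperVAdminsWithoutLocalAdmin) {
    if ($Enforce) {
        Remove-LocalGroupMember -Group 'Hyper-V Administrators' -Member $m.SID
        "Removed $($m.Name) from 'Hyper-V Administrators'"
    } else {
        "Non-admin account able to create Hyper-V VMs: $($m.Name) ($($m.SID.Value))"
    }
}

# 3. Third-party hypervisors cannot be restricted via a local group; flag them for policy action.
$thirdParty = Get-ThirdPartyHypervisors
if ($thirdParty) {
    'Third-party hypervisor software present (restrict or remove per policy):'
    $thirdParty | Format-Table -AutoSize
}
```

Run it once without switches to see what would change, then with `-Enforce` to apply. Removing a user from "Hyper-V Administrators" does not stop an already running VM, and it does nothing for hypervisors outside Hyper-V, which is why the third-party check is reported separately rather than acted on.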

Exploit

Weakness Enumeration

Improper Access Control

Incorrect Privilege Assignment

Related Identifiers

BDU:2023-07848
CVE-2022-47577

Affected Products

Zoho Manageengine Device Control Plus