PT-2026-42464 · Manageengine · Datasecurity Plus+2
Published
2026-05-21
·
Updated
2026-05-21
·
CVE-2026-2740
CVSS v3.1
8.4
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
ADSelfService Plus versions prior to 6525
DataSecurity Plus versions prior to 6264
RecoveryManager Plus versions prior to 6313
Description
Authenticated remote code execution can occur in agent machines due to a bug in a third-party dependency.
Recommendations
Update ADSelfService Plus to version 6525 or later.
Update DataSecurity Plus to version 6264 or later.
Update RecoveryManager Plus to version 6313 or later.
Fix
RCE
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Adselfservice Plus
Datasecurity Plus
Recovermanager Plus