
CVE-2022-40773

Severity: High
Published: Sat Nov 12 2022 (11/12/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before 11025 are vulnerable to privilege escalation. This allows users to obtain sensitive data during an exportMickeyList export of requests from the list view.

AI-Powered Analysis

Last updated: 07/02/2025, 02:40:19 UTC

Technical Analysis

CVE-2022-40773 is a high-severity privilege escalation vulnerability affecting Zoho ManageEngine ServiceDesk Plus MSP versions prior to 10609 and SupportCenter Plus versions prior to 11025. It allows users with limited privileges to escalate their access rights and obtain sensitive data during the export of request lists, specifically through the exportMickeyList functionality. The issue is attributed to improper input validation or access control flaws (classified under CWE-20: Improper Input Validation) that permit unauthorized data exposure. The CVSS v3.1 base score of 8.8 reflects the high severity of this vulnerability: the attack vector is network (AV:N), attack complexity is low (AC:L), low privileges are required (PR:L) and no user interaction is needed (UI:N). The impact metrics are high for confidentiality, integrity and availability (C:H/I:H/A:H), meaning that exploitation could lead to significant data breaches, unauthorized data manipulation and potential service disruption. Although no exploits are currently reported in the wild, the vulnerability's characteristics suggest that an attacker with some level of access could leverage the flaw to gain elevated privileges and access sensitive information, potentially compromising the entire service management environment. Because ManageEngine ServiceDesk Plus MSP and SupportCenter Plus are widely used IT service management solutions, this vulnerability poses a substantial risk to organizations relying on them to handle internal and external service requests and sensitive operational data.

Potential Impact

For European organizations, the impact of CVE-2022-40773 can be severe. Many enterprises, managed service providers (MSPs), and government agencies in Europe use Zoho ManageEngine products for IT service management and support operations. Exploitation of this vulnerability could lead to unauthorized access to sensitive customer data, internal service requests, and potentially confidential operational information. This could result in data breaches violating GDPR and other data protection regulations, leading to legal penalties and reputational damage. Furthermore, the ability to escalate privileges might allow attackers to manipulate or disrupt service desk operations, impacting business continuity and service quality. The high confidentiality, integrity, and availability impact means that attackers could exfiltrate data, alter records, or cause denial of service conditions. European organizations with complex IT environments and regulatory compliance requirements are particularly at risk, as the compromise of service management platforms can cascade into broader security incidents affecting multiple systems and stakeholders.

Mitigation Recommendations

To mitigate CVE-2022-40773 effectively, European organizations should:

1) Immediately apply the vendor-released patches for ManageEngine ServiceDesk Plus MSP (version 10609 or later) and SupportCenter Plus (version 11025 or later) as soon as they become available.
2) Restrict access to the exportMickeyList functionality and other export features to only highly trusted and necessary users, implementing strict role-based access controls (RBAC).
3) Monitor and audit export activities and privilege escalations within the service management platforms to detect anomalous behavior early.
4) Employ network segmentation and limit exposure of the service management interfaces to trusted networks and VPNs to reduce the attack surface.
5) Conduct regular security assessments and penetration testing focused on privilege escalation vectors within ITSM tools.
6) Educate administrators and users about the risks of privilege escalation and enforce the principle of least privilege across all service desk operations.
7) Implement multi-factor authentication (MFA) for accessing the service management consoles to add an additional layer of security against unauthorized access.

These measures, combined with timely patching, will significantly reduce the risk posed by this vulnerability.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-09-18T00:00:00.000Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682d9839c4522896dcbecea4

Added to database: 5/21/2025, 9:09:13 AM

Last enriched: 7/2/2025, 2:40:19 AM

Last updated: 7/31/2025, 8:50:02 PM
