Zohocorp Manageengine Endpoint Central — known CVE vulnerabilities
Every CVE whose affected-product data names Zohocorp Manageengine Endpoint Central, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-38868 — CVSS 7.6 (high): Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects…
CVE-2024-10203 — CVSS 7.0 (high): Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in…
CVE-2023-6105 — CVSS 5.5 (medium): An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A…
CVE-2025-7473 — CVSS 5.2 (medium): Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.
CVE-2025-5494 — CVSS 3.9 (low): ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects…
CVE-2024-9097 — CVSS 3.5 (low): ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the…
CVE-2025-5496 — CVSS 3.3 (low): ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file…
CVE-2025-11248 — CVSS 3.2 (low): ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An…