Zoho ManageEngine Vulnerability Draws Attention of CISA

Zoho offers some of the best tools for businesses to grow and scale, but is this security vulnerability a dealbreaker?
Conor Cawley

The US Cybersecurity and Infrastructure Security Agency (CISA) is keeping an eye on Zoho, with the agency warning users of a vulnerability in the company's ManageEngine platform.

Zoho is an India-based company that builds a wide range of online tools for businesses to grow. From CRM software to accounting resources, Zoho helps millions of businesses run their day-to-day operations.

Subsequently, a security vulnerability can have cascading consequences if not properly addressed. Read on to learn more about this potential issue to find out whether or not you need to worry about the state of your business' security.

CISA: Zoho ManageEngine Vulnerability Likely Exploited

Announced in a post on the CISA website, the agency added the vulnerability to its Known Exploited Vulnerabilities catalog, noting that there was evidence of active exploitation. The agency scored the vulnerability extremely high as far as severity is concerned, but luckily it was patched in a recent update.

“Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution.” – Zoho spokesperson.

This means that if you use a Zoho service that wasn't listed you're likely in the clear. Zoho CRM, Zoho Books, Zoho Assist and other tools were not affected by the vulnerability, so there's nothing to worry about as far as your security needs are concerned.

Should I Still Use Zoho?

Any security vulnerability, particularly one flagged by the US Cybersecurity and Infrastructure Agency, is going to be cause for alarm. After all, businesses are taking huge financial hits from security breaches, with the average cost hovering around $10 million for everyday companies.

So, should you ditch all your Zoho services and move on to another business that is more secure? Not so fast. While security vulnerabilities aren't ideal, they happen to most businesses at some point, and they aren't always as catastrophic as $10 million sounds. In most cases, the company patches them without any issue, and the majority of users are completely safe.

On top of that, Zoho boasts some of the best options in the business world, so you don't want to miss out on that. Zoho CRM, in particular, is one of the best CRM for small businesses on the market, according to our in-depth research on the topic. They have lots of features while undercutting the competition on price, and they actually have solid security as well, so you can rest assured that your data is safe when using these platforms.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at conor@tech.co.

Explore More See all news
close Step up your business video conferencing with GoToMeeting, our top rated conferencing app – try it free for 14 days Try GoToMeeting Free