KEV Entry
CVE-2021-40539
Known Exploited Vulnerability Entry KEVIntel
Entry Details
Confirmed Exploited2021-11-03 00:00 UTC
Timestamps
2021-11-03
2021-11-03
Scope
KEVIntel entry: Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. | Affected: Zoho / ManageEngine ADSelfService Plus | CVSS: 9.8 (CRITICAL) | EPSS: 0.9896 | Used in malware: yes | Not yet in CISA KEV: False
References
- {'id': 'CVE-2021-40539', 'url': 'https://www.cve.org/CVERecord?id=CVE-2021-40539'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/CVE-2021-40539'}
f96f6fa3-0101-4d03-8df8-153c4c226421
KEVIntel
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:04 UTC
2026-07-10 06:14 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | confirmed_compromise | 0.70 |
View details
|
- |