U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day


Tracked as CVE-2021-40539 and rated critical severity (CVSS score of 9.8), the vulnerability has been exploited since August 2021 to execute code remotely and take over vulnerable systems.

Affecting the representational state transfer (REST) application programming interface (API) URLs of the self-service password management and single sign-on solution, the issue is an authentication bypass bug that affects all ADSelfService Plus builds up to 6113.

“The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability,” reads a joint advisory issued on Thursday.