Vulnerability Details CVE-2025-3444
Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) in the Admin module, where help card content is loaded.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-3444
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:-
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.6
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:13.0
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.0
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.2
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.3
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.5
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.6
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.7
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.8
-
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.9
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:-
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:11.0
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.0
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.2
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.3
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.5
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.6
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.9
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:7.9
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:7.90
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:8.0
-
cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:8.1