Authorization Vulnerability in ManageEngine PAM360 and Password Manager Pro
CVE-2025-11669

8.1HIGH

Key Information:

Vendor: Zohocorp
Status: Manageengine Pam360; Manageengine Password Manager Pro; Manageengine Access Manager Plus
Vendor: CVE Published:; 13 January 2026

What is CVE-2025-11669?

Zohocorp's ManageEngine PAM360, Password Manager Pro, and Access Manager Plus are affected by an authorization issue in the remote session initiation functionality. This vulnerability allows unauthorized users to initiate remote sessions, potentially leading to unauthorized access and control over sensitive system components.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ManageEngine Access Manager Plus 0 < 4401

ManageEngine PAM360 0 < 8202

ManageEngine Password Manager Pro 0 < 13221

References

https://www.manageengine.com/privileged-access-management...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Oct 13, 2025

JSON

Zohocorp

What is CVE-2025-11669?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.