The host is installed with Zoho ManageEngine ADSelfService Plus before build 6003 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which does not properly enforce user privileges associated with a Certificate dialog. Successful exploitation could allow an unauthenticated attacker to escalate privileges on a Windows host.