Active exploitation of the CVE-2022-47966 ManageEngine flaw is underway.
The critical-severity unauthenticated remote code execution flaw is now being actively exploited, according to CISA.