Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.
References
Link | Resource |
---|---|
https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88 | Exploit Third Party Advisory |
https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-05T05:00:00
Updated: 2019-02-05T05:57:01
Reserved: 2019-02-04T00:00:00
Link: CVE-2018-20753
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-02-05T06:29:00.593
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-20753
JSON object: View
Redhat Information
No data.
CWE