CVE-2018-20753

🗓️ 05 Feb 2019 05:00:00Reported by mitreType

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2018-20753	5 Feb 201900:00	–	attackerkb
Circl	CVE-2018-20753	14 Jun 202321:10	–	circl
CISA KEV Catalog	Kaseya VSA Remote Code Execution Vulnerability	13 Apr 202200:00	–	cisa_kev
Check Point Advisories	Kaseya VSA Remote Code Execution (CVE-2018-20753)	8 May 202200:00	–	checkpoint_advisories
Cvelist	CVE-2018-20753	5 Feb 201905:00	–	cvelist
Tenable Nessus	Kaseya VSA < 9.3.0.35 / 9.4 < 9.4.0.36 / 9.5 < 9.5.0.5 RCE	10 May 202200:00	–	nessus
NVD	CVE-2018-20753	5 Feb 201906:29	–	nvd
OSV	CVE-2018-20753	5 Feb 201906:29	–	osv
Prion	Code injection	5 Feb 201906:29	–	prion
VulnCheck KEV	VulnCheck KEV: CVE-2018-20753	30 Jan 201800:00	–	vulncheck_kev

NVD

Node

kaseya virtual_system_administratorRange9.3–9.3.0.35

kaseya virtual_system_administratorRange9.4–9.4.0.36

kaseya virtual_system_administratorRange9.5–9.5.0.5

Source	Link
helpdesk	www.helpdesk.kaseya.com/hc/en-gb/articles/360000333152
blog	www.blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

07 Nov 2025 19:09Current

9.5High risk

Vulners AI Score9.5

CVSS 27.5

CVSS 3.19.8

EPSS0.47933

SSVC

In Wild