Lucene search
K

203 matches found

ATTACKERKB
ATTACKERKB
added 2021/12/29 12:0 a.m.2 views

CVE-2021-43589

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

7.2CVSS7AI score0.00444EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2021/12/27 12:0 a.m.13 views

Kaseya VSA Remote Code Execution (CVE-2021-30116)

A remote code execution vulnerability exists in Kaseya VSA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.9AI score0.85619EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.21 views

Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability

Kaseya Virtual System/Server Administrator VSA contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system...

10CVSS8.5AI score0.85619EPSS
In wildExploits1
Information Security Automation
Information Security Automation
added 2021/07/19 4:29 p.m.345 views

Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins

Hello guys! The fourth episode of Last Week’s Security news, July 12 – July 18. I would like to start with some new public exploits. I think these 4 are the most interesting. If you remember, 2 weeks ago I mentioned the ForgeRock Access Manager and OpenAM vulnerability CVE-2021-35464. Now there i...

10CVSS9.6AI score0.99999EPSS
Exploits31
Malwarebytes
Malwarebytes
added 2021/07/19 7:45 a.m.64 views

“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13

Kaseya VSA included at least “seven or eight” privately known zero-day vulnerabilities before it suffered a widespread ransomware attack that impacted hundreds of businesses, said Victor Gevers, chair of the Dutch Institute for Vulnerability Disclosure, or DIVD, a volunteer-run organization that...

7.7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/07/15 4:0 a.m.15 views

Kaseya Supply Chain Ransomware Attack

On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch-off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers MSPs, and the common threa...

7AI score
Exploits0
CNVD
CNVD
added 2021/07/13 12:0 a.m.5 views

Kaseya VSA SQL Injection Vulnerability

Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A SQL injection vulnerability exists in Kaseya VSA versions prior to 9.5.5, which can be exploited by an attacker to...

9.8CVSS7.9AI score0.72054EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/13 12:0 a.m.11 views

Kaseya VSA Code Injection Vulnerability

Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. Kaseya VSA is vulnerable to a code injection vulnerability, no details of the vulnerability are provided at this time...

6.5CVSS7.1AI score0.04828EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/13 12:0 a.m.12 views

Kaseya VSA Security Bypass Vulnerability

Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A security vulnerability exists in Kaseya VSA that stems from a 2FA bypass. No details of the vulnerability are provid...

9.9CVSS6.7AI score0.05701EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/13 12:0 a.m.8 views

Kaseya VSA Cross-Site Scripting Vulnerability

Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A cross-site scripting vulnerability exists in Kaseya VSA, which can be exploited by an attacker to execute client-sid...

5.4CVSS6.3AI score0.59898EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/13 12:0 a.m.13 views

Kaseya VSA Remote Code Execution Vulnerability

Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A security vulnerability exists in Kaseya VSA versions prior to 9.5.5, which can be exploited by an attacker to remote...

10CVSS6.8AI score0.60348EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2021/07/12 3:53 p.m.103 views

Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya made good on its promise to issue patches by July 11. On Saturday, the company behind the Virtual System/Server Administrator VSA platform that got walloped by the REvil ransomware-as-a-service RaaS gang in a massive supply-chain attack released urgent updates to address critical zero-day...

10CVSS9.2AI score0.85619EPSS
Exploits5References24
HackRead
HackRead
added 2021/07/12 3:48 p.m.42 views

Kaseya issues patches for vulnerabilities exploited in ransomware attack

By Deeba Ahmed Kaseya VSA has released patches for 3 critical vulnerabilities exploited by the REvil ransomware gang in ransomware attack earlier this month. This is a post from HackRead.com Read the original post: Kaseya issues patches for vulnerabilities exploited in ransomware attack...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/12 4:36 a.m.277 views

Kaseya Releases Patches for Flaws Exploited in Widespread Ransomware Attack

Florida-based software vendor Kaseya on Sunday rolled out urgent updates to address critical security vulnerabilities in its Virtual System Administrator VSA solution that was used as a jumping off point to target as many as 1,500 businesses across the globe as part of a widespread supply-chain...

10CVSS0.9AI score0.85619EPSS
Exploits5
CISA
CISA
added 2021/07/12 12:0 a.m.14 views

Kaseya Provides Security Updates for VSA On-Premises Software Vulnerabilities

Kaseya has released VSA version 9.5.7a for their VSA On-Premises software. This version addresses vulnerabilities that enabled the ransomware attacks on Kaseya’s customers. CISA strongly urges Kaseya customers closely follow the instructions detailed in the Kaseya security notice and contact Kase...

6.9AI score
Exploits0References1
NCSC
NCSC
added 2021/07/12 12:0 a.m.8 views

Vulnerabilities fixed in Kaseya Virtual System Administrator (VSA)

Vulnerabilities have been fixed in Kaseya VSA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights SQL Injection Access to sensitive data...

10CVSS7.5AI score0.85619EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2021/07/12 12:0 a.m.182 views

Kaseya VSA < 9.5.7a Multiple Vulnerabilities

The version of Kaseya VSA installed on the remote host is affected by multiple vulnerabilities as referenced in the vendor advisory: - Credentials leak and business logic flaw. CVE-2021-30116 - Cross-Site Scripting vulnerability XSS. CVE-2021-30119 - 2FA Authentication bypass. CVE-2021-30120 Note...

10CVSS7.7AI score0.85619EPSS
Exploits2References5
NVD
NVD
added 2021/07/09 2:15 p.m.30 views

CVE-2021-30116

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client...

10CVSS0.85619EPSS
Exploits1References5
NVD
NVD
added 2021/07/09 2:15 p.m.17 views

CVE-2021-30120

Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...

9.9CVSS0.05701EPSS
Exploits0References3
OSV
OSV
added 2021/07/09 2:15 p.m.5 views

CVE-2021-30118

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...

9.8CVSS7.2AI score0.60348EPSS
Exploits1References4
Rows per page
Query Builder