203 matches found
CVE-2021-43589
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...
Kaseya VSA Remote Code Execution (CVE-2021-30116)
A remote code execution vulnerability exists in Kaseya VSA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability
Kaseya Virtual System/Server Administrator VSA contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system...
Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins
Hello guys! The fourth episode of Last Week’s Security news, July 12 – July 18. I would like to start with some new public exploits. I think these 4 are the most interesting. If you remember, 2 weeks ago I mentioned the ForgeRock Access Manager and OpenAM vulnerability CVE-2021-35464. Now there i...
“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13
Kaseya VSA included at least “seven or eight” privately known zero-day vulnerabilities before it suffered a widespread ransomware attack that impacted hundreds of businesses, said Victor Gevers, chair of the Dutch Institute for Vulnerability Disclosure, or DIVD, a volunteer-run organization that...
Kaseya Supply Chain Ransomware Attack
On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch-off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers MSPs, and the common threa...
Kaseya VSA SQL Injection Vulnerability
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A SQL injection vulnerability exists in Kaseya VSA versions prior to 9.5.5, which can be exploited by an attacker to...
Kaseya VSA Code Injection Vulnerability
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. Kaseya VSA is vulnerable to a code injection vulnerability, no details of the vulnerability are provided at this time...
Kaseya VSA Security Bypass Vulnerability
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A security vulnerability exists in Kaseya VSA that stems from a 2FA bypass. No details of the vulnerability are provid...
Kaseya VSA Cross-Site Scripting Vulnerability
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A cross-site scripting vulnerability exists in Kaseya VSA, which can be exploited by an attacker to execute client-sid...
Kaseya VSA Remote Code Execution Vulnerability
Kaseya VSA is the RMM Remote Monitoring and Management software commonly used by Kaseya's Managed Service Providers MSPs in the United States to manage their customers' networks. A security vulnerability exists in Kaseya VSA versions prior to 9.5.5, which can be exploited by an attacker to remote...
Kaseya Patches Zero-Days Used in REvil Attacks
Kaseya made good on its promise to issue patches by July 11. On Saturday, the company behind the Virtual System/Server Administrator VSA platform that got walloped by the REvil ransomware-as-a-service RaaS gang in a massive supply-chain attack released urgent updates to address critical zero-day...
Kaseya issues patches for vulnerabilities exploited in ransomware attack
By Deeba Ahmed Kaseya VSA has released patches for 3 critical vulnerabilities exploited by the REvil ransomware gang in ransomware attack earlier this month. This is a post from HackRead.com Read the original post: Kaseya issues patches for vulnerabilities exploited in ransomware attack...
Kaseya Releases Patches for Flaws Exploited in Widespread Ransomware Attack
Florida-based software vendor Kaseya on Sunday rolled out urgent updates to address critical security vulnerabilities in its Virtual System Administrator VSA solution that was used as a jumping off point to target as many as 1,500 businesses across the globe as part of a widespread supply-chain...
Kaseya Provides Security Updates for VSA On-Premises Software Vulnerabilities
Kaseya has released VSA version 9.5.7a for their VSA On-Premises software. This version addresses vulnerabilities that enabled the ransomware attacks on Kaseya’s customers. CISA strongly urges Kaseya customers closely follow the instructions detailed in the Kaseya security notice and contact Kase...
Vulnerabilities fixed in Kaseya Virtual System Administrator (VSA)
Vulnerabilities have been fixed in Kaseya VSA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights SQL Injection Access to sensitive data...
Kaseya VSA < 9.5.7a Multiple Vulnerabilities
The version of Kaseya VSA installed on the remote host is affected by multiple vulnerabilities as referenced in the vendor advisory: - Credentials leak and business logic flaw. CVE-2021-30116 - Cross-Site Scripting vulnerability XSS. CVE-2021-30119 - 2FA Authentication bypass. CVE-2021-30120 Note...
CVE-2021-30116
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client...
CVE-2021-30120
Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...
CVE-2021-30118
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...