CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2017-18362

CVSS 9.8v3.1pub. 2019-02-05upd. 2025-11-05

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Connectwise Manageditsync

    APP
    Connectwise
    ≤ 2017

CISA KEV — detailsi

Vendori
Kaseya
Producti
Virtual System/Server Administrator (VSA)
Added to KEVi
May 24, 2022
Remediation deadline (US Federal)i
June 14, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

The impacted product is end-of-life and should be disconnected if still in use.

CISA descriptioni

ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 14 czerwca 2022
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2024-1709CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Authentication Bypass w ConnectWise ScreenConnect — bezpośredni dostęp do systemów

CVE-2025-14265CRITICAL9.1PL ✓ten sam vendor

ConnectWise ScreenConnect — instalacja niezaufanych rozszerzeń z RCE

CVE-2025-11492CRITICAL9.6PL ✓ten sam vendor

ConnectWise Automate Agent – nieszyfrowana komunikacja HTTP podatna na MITM

CVE-2023-25718CRITICAL9.8ten sam vendor

In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signe...

CVE-2021-35066CRITICAL9.8ten sam vendor

An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.