CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2018-20753

CVSS 9.8v3.1pub. 2019-02-05upd. 2025-11-07

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Kaseya Virtual System Administrator

    APP
    Kaseya
    9.3 – 9.3.0.35 (bez)9.4 – 9.4.0.36 (bez)9.5 – 9.5.0.5 (bez)

CISA KEV — detailsi

Vendori
Kaseya
Producti
Virtual System/Server Administrator (VSA)
Added to KEVi
April 13, 2022
Remediation deadline (US Federal)i
May 4, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 4 maja 2022
CWE
References

Related vulnerabilities

CVE-2015-6922CRITICAL9.8ten sam produkt

Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9...

CVE-2015-6589HIGH8.8ten sam produkt

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0...

CVE-2019-15506HIGH7.5ten sam produkt

An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. It has a critical infor...

CVE-2017-12410HIGH7.4ten sam produkt

It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition whe...

CVE-2015-2863MEDIUM4.3ten sam produkt

Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0...