← Zuruck zu CVEs

CVE-2018-20753

CRITICALCISA KEV

9.8

Beschreibung

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht2/5/2019

Zuletzt geandert11/7/2025

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerKaseya

ProduktVirtual System/Server Administrator (VSA)

SchwachstellennameKaseya VSA Remote Code Execution Vulnerability

KEV Aufnahmedatum2022-04-13

Behebungsfrist2022-05-04

Ransomware-NutzungKnown

Betroffene Produkte

kaseya:virtual_system_administrator

Referenzen

https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88(cve@mitre.org)

https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152(cve@mitre.org)

https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88(af854a3a-2127-422b-91ae-364da2661108)

https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20753(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.