Overview
- Description
- Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Known exploits
Data from CISA
- Vulnerability name
- Kaseya VSA Remote Code Execution Vulnerability
- Exploit added on
- Apr 13, 2022
- Exploit action due
- May 4, 2022
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22355062-DF3F-4ADD-8441-2996D5E46686",
            "versionEndExcluding": "9.3.0.35",
            "versionStartIncluding": "9.3"
          },
          {
            "criteria": "cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60635910-DD05-4230-9F28-2B525804F5E6",
            "versionEndExcluding": "9.4.0.36",
            "versionStartIncluding": "9.4"
          },
          {
            "criteria": "cpe:2.3:a:kaseya:virtual_system_administrator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF8B7BE5-6384-450B-BE61-F5AA4FA552D9",
            "versionEndExcluding": "9.5.0.5",
            "versionStartIncluding": "9.5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]