CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-20753

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score64.7710%
EPSS Percentile96.25th
Published2019年2月5日
Last Modified2025年11月7日

Vulnerability Description

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.

Affected Platforms (CPE)

📦
Kaseya

Virtual System Administrator

>= 9.3 and < 9.3.0.35
📦
Kaseya

Virtual System Administrator

>= 9.4 and < 9.4.0.36
📦
Kaseya

Virtual System Administrator

>= 9.5 and < 9.5.0.5

References & Advisories

🔗 https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88
🔗 https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152
🔗 https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88
🔗 https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20753

相關漏洞威脅

CVE-2006-068610.0

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new adminis...

CVE-2017-66409.8

A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log ...

CVE-2015-69229.8

Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 do...

CVE-2015-65898.8

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, ...