The Dutch Institute for Vulnerability Disclosure apparently discovered and reported a series of security vulnerabilities in Kaseya VSA at the start of April.
Kaseya published a series of fixes for these vulnerabilities in April, May and June, but apparently one of the reported vulnerabilities was used in the recent mass ransomware attacks on Kaseya VSA.
The as-of-yet unfixed issues includes CVE-2021-30116, an unauthenticated credentials leak and business logic flaw [1]. This sounds like the first `/dl.asp` vulnerability exploited [2].
1 comment
[ 5.6 ms ] story [ 9.4 ms ] threadKaseya published a series of fixes for these vulnerabilities in April, May and June, but apparently one of the reported vulnerabilities was used in the recent mass ransomware attacks on Kaseya VSA.
The as-of-yet unfixed issues includes CVE-2021-30116, an unauthenticated credentials leak and business logic flaw [1]. This sounds like the first `/dl.asp` vulnerability exploited [2].
[1] https://csirt.divd.nl/csirt-divd-nl/cves/CVE-2021-30116/ [2] https://www.reddit.com/r/msp/comments/ocggbv/comment/h3u5j2e