CVE-2018-20753

Published: Feb 5, 2019

Modified: Oct 21, 2025

PUBLISHED

Description

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88

x_refsource_MISC

https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20753

Description

Affected Products

References