Colin Mc Hugo

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

August 28, 2021

U.S. technology firm Kaseya has released security patches to address two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity solution that could lead to privilege escalation and authenticated remote code execution.

The two weaknesses are part of a trio of vulnerabilities discovered and reported by researchers at the Dutch Institute for Vulnerability Disclosure (DIVD) on July 3, 2021.

The IT infrastructure management solution provider has addressed the issues in server software version 10.5.5-2, released on August 12, DIVD said. An as-yet-undisclosed client-side vulnerability in Kaseya Unitrends remains unpatched, but the company has published firewall rules that can be applied to filter traffic to and from the client and mitigate any risk associated with the flaw. As an additional precaution, it is recommended not to leave the servers accessible over the internet.

Although specifics related to the vulnerabilities are sparse, the shortcomings concern an authenticated remote code execution vulnerability as well as a privilege escalation flaw from read-only user to admin on Unitrends servers, both of which hinge on the condition that an attacker has already gained an initial foothold on a target’s network, making them harder to exploit.

The disclosure comes close to two months after the company suffered a crippling ransomware strike on its VSA on-premises product, resulting in the mysterious shutdown of the REvil cybercrime syndicate in the following weeks. Kaseya has since shipped fixes for the zero-days that were exploited to gain access to the on-premises servers, and late last month said it obtained a universal decryptor “to remediate clients impacted by the incident.”
