White hats reported key Kaseya VSA flaw months ago. Ransomware outran the patch
One of the vulnerabilities in Kaseya's IT management software VSA that was exploited by miscreants to infect up to 1,500 businesses with ransomware was reported to the vendor in April - and the patch just wasn't ready in time.
Kaseya pulled the plug on its software-as-a-service offering of VSA, and urged all of its customers to switch off their VSA servers to avoid being hit by the ransomware.
Kaseya's customers are primarily managed service providers looking after the IT estates of their own customers, and so by compromising VSA deployments, miscreants can hijack large numbers of downstream systems.
Rewind to April, and the Dutch Institute for Vulnerability Disclosure had privately reported seven security bugs in VSA to Kaseya.
Victor Gevers, chairman of DIVD, praised Kaseya's response to the bug reports, blogging: "Once Kaseya was aware of our reported vulnerabilities, we have been in constant contact and cooperation with them."
Overnight, Kaseya said it had "published a runbook of the changes to make to your on-premises environment so customers can prepare for the patch release." That documentation can be found here.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/07/08/kaseya_dutch_vulnerability/