Security advisories

Kaseya Patches VSA

July 12, 2021 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

On July 11th, 2021, Kaseya released security patches for multiple vulnerabilities impacting the Kaseya VSA product, that was actively exploited in the recent REvil ransomware campaign. Kaseya’s Cloud offering, Kaseya SaaS VSA, was brought back online at the same time as security patches were released.

Organizations are recommended to review the Kaseya playbook for patching, and after performing a business impact review, apply the relevant security patches.

What we’re doing about it

What you should do about it

Additional information

This incident was initially speculated to be caused by a supply-chain attack against Kaseya but has since been traced back to a chain of zero-day vulnerabilities in the Kaseya platform. Patched vulnerabilities are as follows:

Three additional issues were fixed but did not receive CVE designations:

To date, the REvil attack on Kaseya products resulted in approximately 60 Kaseya customers, including MSPs, being impacted. Including MSP’s customers, approximately 1,500 organizations total were impacted by REvil ransomware.

References:

[1] https://www.kaseya.com/potential-attack-on-kaseya-vsa/
[2] https://helpdesk.kaseya.com/hc/en-gb/articles/4403785889041

View Most Recent Advisories