FAIL › dossier

Kaseya vendor

3
failure events
1
zero-days
1
RCEs
3
on KEV
3
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2022-04-13 CVE-2018-20753 critical ⚡RCE ⌖KEV 95 Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
2022-05-24 CVE-2017-18362 critical ⌖KEV 80 ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.
2021-11-03 CVE-2021-30116 critical ◐0day ⌖KEV 80 Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.