High severity7.4NVD Advisory· Published Mar 26, 2018· Updated Jun 17, 2026
CVE-2017-12410
CVE-2017-12410
Description
It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. Successful exploitation results in the execution of arbitrary programs with "NT AUTHORITY\SYSTEM" privileges.
Affected products
1- Range: <=9.3.0.11
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.