Unrated severityCISA KEVNVD Advisory· Published Feb 5, 2019· Updated Oct 21, 2025
CVE-2018-20753
CVE-2018-20753
Description
Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.
Affected products
1Patches
Vulnerability mechanics
References
2- blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88mitrex_refsource_MISC
- helpdesk.kaseya.com/hc/en-gb/articles/360000333152mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.