CVE-2018-20753

9.8 CRITICAL CISA KEV - Actively Exploited
Published: February 05, 2019 Modified: November 07, 2025
View on NVD

Description

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88
Source: cve@mitre.org
Exploit Third Party Advisory
https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152
Source: cve@mitre.org
Vendor Advisory
https://blog.huntresslabs.com/deep-dive-kaseya-vsa-mining-payload-c0ac839a0e88
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory
https://helpdesk.kaseya.com/hc/en-gb/articles/360000333152
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-20753
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
9.8 / 10.0
EPSS (Exploit Probability)
45.3%
97th percentile
Exploitation Status
Actively Exploited
Remediation due: 2022-05-04

Affected Vendors

kaseya