May 31, 2023

Kaseya Unitrends is a cloud-based enterprise solution that provides affordable, low-maintenance data protection offering to complement existing client backup and recovery solutions. The vulnerabilities include remote code execution and authenticated privilege escalation on the client-side.

Experts from the Dutch Institute for Vulnerability Disclosure (DIVD) disclosed three new vulnerabilities in the Unitrends backup product that have yet to be addressed.

The zero-day vulnerabilities impact Kaseya Unitrends versions prior 10.5.2. The advisory recommends customers using the flawed solution to avoid exposing the service online running on default ports.

A DIVD researcher has identified several vulnerabilities in the Kaseya Unitrends backup product version < 10.5.2. Do not expose this service or the clients (running default on ports 80, 443, 1743, 1745) directly to the internet until Kaseya has patched these vulnerabilities.

Tags:

Leave a Reply

You may have missed

Mirai Bots Targeting IoT Devices

Mirai Bots Targeting IoT Devices

May 30, 2023
Watering hole attack from Tortoiseshell group

Watering hole attack from Tortoiseshell group

May 29, 2023
New TLD Based Phishing Campaign

New TLD Based Phishing Campaign

May 29, 2023
CrowdStrike strategy dominates MDR Market

CrowdStrike strategy dominates MDR Market

May 28, 2023
TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
%d bloggers like this: