Local Privilege Escalation in Kaseya Virtual System Administrator Agent
CVE-2017-12410

7.4HIGH

Key Information:

Vendor: Kaseya
Status: Virtual System Administrator
Vendor: CVE Published:; 26 March 2018

What is CVE-2017-12410?

A race condition vulnerability exists in the Kaseya Virtual System Administrator agent, allowing an attacker to exploit the Time of Check to Time of Use (TOCTOU) flaw. This enables the execution of arbitrary programs with elevated privileges, specifically 'NT AUTHORITY\SYSTEM'. The issue arises during the execution of binaries from working or temporary folders, making it crucial for users to ensure they are on the latest version to mitigate potential risks.

References

http://www.securityfocus.com/archive/1/541884/100/0/threaded

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2018
Vulnerability Reserved
Aug 3, 2017