With Unitrend Backup Appliances, Kaseya offers security solutions especially for larger organizations or managed service providers. With updated software, the manufacturer closes security gaps that could have allowed attackers to smuggle in and execute malicious code. Administrators should apply the updates immediately.

Version 10.5.5 closes a total of twelve security holes; According to Kaseya, versions 10.0.x-10.5.4 are affected. The first of two critical loopholes was torn by the Unitrend Backup Appliance Service bpserverd. Several functions contained therein passed untrustworthy input to system calls. Attackers could have executed arbitrary code as root (CVE-2021-43033, CVSS 9.8).

The second critical vulnerability is an SQL injection vulnerability that attackers could misuse without authentication to execute arbitrary SQL queries – in the context of the PostgreSQL superuser account. This made it possible to execute smuggled code with the rights of the PostgreSQL user (CVE-2021-43035, CVSS 9.8).

Seven further gaps with a severity of “high” and three with a weighting of “medium risk” describes Kaseya in its security bulletin. This includes, for example, a buffer overflow in the vault server that a remote, unauthenticated attacker could misuse to smuggle in and execute malicious code (CVE-2021-43042, “high”). In addition, the old software used weak passwords for preconfigured accounts such as wguest (CVE-2021-43036, “high”). Another way to add PostgreSQL trigger commands to the wguest-Context is extended to PostgreSQL superuser (CVE-2021-43038, “high”).

In addition, the Unitrend Windows Agent was susceptible to so-called DLL injection and so-called binary planting (i.e. the insertion of foreign codes) due to insecure standard authorizations. This allowed users to extend their rights up to the SYSTEM level (CVE-2021-43037, “high”). Details on the other vulnerabilities can be found in the manufacturer’s safety notice. Kaseya recommends that users import the updated software packages immediately and also bring the agents on the clients up to date.

The company made headlines in the middle of the year with a so-called supply chain attack. The background article Kaseya VSA: How the supply chain attacks worked and what they mean for us provides interesting details.


Article source

Disclaimer: This article is generated from the feed and is not edited by our team.

Source link
#Kaseya #closes #critical #vulnerabilities #Unitrend #Backup #Market #Research #Telecast

Leave a Reply