Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx (e.g., FSAdmin123456789) on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed into the local Administrators group of all clients assigned to the LAN Cache. When the assigned client is a Domain Controller, the FSAdminxxxxxxxxx account is created as a domain account and automatically added as a member of the domain BUILTIN\Administrators group. Using the well known Pass-the-Hash techniques, an attacker can use the same FSAdminxxxxxxxxx hash from any LAN Cache client and pass this to a Domain Controller, providing administrative rights to the attacker on any Domain Controller. (Local account Pass-the-Hash mitigations do not protect domain accounts.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kaseya VSA RMM 安全漏洞
Vulnerability Description
Kaseya VSA RMM是瑞士卡西亚(Kaseya)公司的一套远程监控和终端管理解决方案。 Kaseya VSA RMM 9.5.0.22及之前版本中存在安全漏洞。攻击者可利用该漏洞获取管理权限。
CVSS Information
N/A
Vulnerability Type
N/A