CVE-2021-43037
low-risk
Published 2021-12-06
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM.
Do I need to act?
0.05% chance of exploitation
EPSS score — low exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 7.8/10 · High · LOCAL / LOW complexity
Affected Products (1)
Affected Vendors
References (6)
Vendor Advisory
https://helpdesk.kaseya.com/hc/en-gb/articles/4412762258961
29 / 100 · low-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal