CVE-2017-12410

Name of the Vulnerable Software and Affected Versions: Kaseya Virtual System Administrator versions 9.3.0.11 and earlier

Description: The issue is related to a Time of Check & Time of Use (TOCTOU) vulnerability. This vulnerability can be exploited by winning a race condition when the Kaseya Virtual System Administrator agent tries to execute its binaries from working and/or temporary folders. Successful exploitation results in the execution of arbitrary programs with "NT AUTHORITYSYSTEM" privileges.

Recommendations: For versions 9.3.0.11 and earlier, consider restricting access to the working and temporary folders used by the Kaseya Virtual System Administrator agent to minimize the risk of exploitation. As a temporary workaround, consider implementing additional security measures to monitor and control the execution of binaries from these folders until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.