CVE-2021-43033

Name of the Vulnerable Software and Affected Versions Kaseya Unitrends Backup Appliance versions prior to 10.5.5

Description An issue was discovered in the Kaseya Unitrends Backup Appliance, where multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input being passed to system calls.

Recommendations For versions prior to 10.5.5, update to version 10.5.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the bpserverd daemon to minimize the risk of exploitation.