Vulnerability Management, MSP

Kaseya Vulnerabilities Leave MSPs Exposed

The vast majority of cyber intrusions exploit well-known vulnerabilities that are easy to identify and correct, Scott noted. Agencies must take immediate action on DHS Vulnerability Scan Reports they receive each week, reporting back on progress and challenges within 30 days.

Two security flaws discovered in Kaseya’s Network Detective tool could still pose a risk to MSPs and their clients, even after patches were issued, reports Channel Futures. The issues, uncovered by Galactic Advisors, involved the insecure handling of admin credentials, some stored in plain text, others protected by weak encryption. Both flaws could have allowed attackers to gain access to privileged systems managed by MSPs.

Network Detective is used widely across the MSP space for scanning, reporting, and vulnerability management. The tool often has deep access into client environments, which makes the nature of these vulnerabilities especially serious. If exploited, the flaws could have provided an easy path for attackers to take full control of systems.

Galactic Advisors worked directly with Kaseya to resolve the issues, but the risks haven’t entirely gone away. If MSPs haven’t yet upgraded to the latest version of Network Detective, cleared old logs, and rotated credentials, they may still be vulnerable. The credentials affected weren’t just any passwords, they were often high-level admin accounts that control large swaths of infrastructure.

This incident is another reminder that supply chain security for MSPs isn't just about external attacks. It also depends on the hygiene of the tools they rely on. MSPs should treat this as a high-priority cleanup task, and assume that if the credentials were exposed, they should be considered compromised.

You can skip this ad in 5 seconds