Issue: A time-of-check to time-of-use (TOCTOU) flaw exists in the VSA Agent on the endpoint. A user can take advantage of a race condition, which could result in code execution with system privileges. The likelihood of practical exploitation is low. The flaw cannot be exploited remotely: it requires that an attacker has already compromised the underlying machine and gained local control of the endpoint, with the ability to execute their own code.
Resolution: Update your VSA to the latest patch following the steps highlighted here.
- R9.3 or earlier – Upgrade to R220.127.116.11 or R9.5.
- R9.4 – Install patch 18.104.22.168 or higher.
- R9.5 – Not affected.
Note: For Kaseya SaaS customers, no action is required; our SaaS instances are already on R9.5.
Applies to: VSA Version 22.214.171.124 and earlier.