Issue: A Time of Check & Time of Use (TOCTOU) flaw exists within the VSA Agent on the endpoint where a user can take advantage of a race condition, which could result in executing code with system privileges. The likelihood of practical exploit is low. This flaw cannot be executed remotely and requires that an attacker has already compromised the underlying machine gaining local control of the endpoint with the ability to execute their own code.
Resolution: Update your VSA to the latest patch following the steps highlighted here.
- R9.3 or earlier – Upgrade to R18.104.22.168 or R9.5.
- R9.4 – Install patch 22.214.171.124 or higher.
- R9.5 – Not affected.
Note: For Kaseya SaaS customers, no action is required; our SaaS instances are already on R9.5.
Applies to: VSA Version 126.96.36.199 and earlier.