December 15, 2021 1:45 PM US EST - Added RapidFire Tools to Current Status
December 13, 2021 12:54PM US EST - Added MyITProcess to Current Status
December 13, 2021 10:25AM US EST - Added KCB - Acronis
December 12, 2021 at 3:30PM US EST - Added Graphus to Current Status
December 12, 2021 at 12:32PM US EST - Added BitDefender to Current Status
December 12, 2021 at 9:47 AM US EST - Added Spanning G Suite Backup to Current Status
December 12, 2021 at 9:20 AM US EST - Added Traverse to Current Status
December 11, 2021 at 8:22 PM EST - Updated Current Status
December 10, 2021 at 8:30PM EST - Published
Kaseya is aware of the Log4j2 vulnerability CVE - CVE-2021-44228 (mitre.org) and our product, operations and security teams are currently assessing all products.
As always, please follow cybersecurity best practices including ensuring all of your servers are properly secured behind firewalls, backed up, and not left unprotected on the internet if they are installed on-premises.
Please check back to this site regularly as we will continue to post updates as new information becomes available.
Kaseya has been performing a review of our products, code and production environments. Currently, our analysis indicates that the products listed below are not affected by this vulnerability. As this is an evolving threat, we will update this site as new information becomes available.
VSA SaaS & VSA On-Premises
Spanning O365 Backup
Spanning Salesforce Backup
Spanning G Suite Backup
ID Agent DarkWeb ID and BullPhish ID
Kaseya Cloud Backup Powered by Acronis see - https://security-advisory.acronis.com/advisories/SEC-3859
RapidFire Tools Network Detective
RapidFire Tools Cyber Hawk
*Other products not listed above are currently under investigation and will be updated as our analysis has completed.
- While the VSA On-Premises, AuthAnvil On-Premises or Unitrends Backup products are not affected, customers should investigate the environment where they have installed the product(s) to ensure the operating systems, other software installed on the server and virtual environments are not affected. For example, VMware is commonly used to virtualize the underlying infrastructure and they have provided an update on their products at the following link: https://www.vmware.com/security/advisories/VMSA-2021-0028.html
- While Unitrends products are not affected, we want to remind customers that the supported deployment requires that appliances (virtual or physical appliances) should never be exposed to the internet to limit the attack surface.
- Our analysis was done on the latest released version of each product. SaaS products are always on the latest version, but for on-premises products, you should ensure you have updated to the latest version.