This article has been indexed from Softpedia News / Security
Two zero-day vulnerabilities affecting Unitrends backup and continuity service have been patches by Kaseya recently, according to The Hacker News.
Dutch Institute for Vulnerability Disclosure (DIVD) informed that the provider of IT infrastructure management solutions has solved server software bugs 10.5.5-2 reported on August 12. Both vulnerabilities are part of a trio of flaws discovered and reported on July 3, 2021. The issues encompass both an authenticated vulnerability to remote code execution and a privilege escalation fault on Unitrends servers from the read-only user to the administrator.
Users of unpatched software should avoid connecting the affected servers to the Internet
A previously unknown client vulnerability in Kaseya Unitrends has not yet been patched. Then again, the company issues some firewall rules recommendations to…
Read the original article: Kaseya Patches New 0-Day Vulnerabilities Affecting Unitrends Servers