Patched Kaseya Flaws Offer Authentication Bypass

The danger remains for any MSP that has not updated the tool and erased associated logs.

Managed service providers have been warned of two serious vulnerabilities in outdated versions of Kaseya's Network Detective tool, which could leave them and their clients exposed.

Channel Futures reports that the issues, uncovered by Galactic's cybersecurity team during internal research, included one flaw that stored administrator passwords in plain text and another that used weak, predictable encryption, making sensitive credentials easily retrievable.

Although Kaseya has since patched the flaws, Cody Kretsinger, principal security advisor at Galactic Advisors, stressed that the danger remains for any MSP that has not updated the tool and erased associated logs. "These credentials were typically administrative – or privileged – accounts," Kretsinger said, noting that an attacker could fully compromise an environment if the credentials were accessed.

He emphasised that these vulnerabilities stemmed from poor coding practices and not from anything MSPs could have controlled prior to the fixes. Immediate updates and password rotations are strongly advised to prevent exploitation.


Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
