id	author	title	date	pages	extension	mime	words	sentences	flesch	summary	cache	txt
csirt-divd-nl-1063		Kaseya Case Update 2 | DIVD CSIRT			.html	text/html	888	98	63	Kaseya Case Update 2 | DIVD CSIRT Home / Blog / Kaseya case update 2 Multiple vulnerabilities discovered in Kaseya VSA.... A PreAuth RCE vulnerability has been found in vCenter Server... A PreAuth RCE vulnerability has been found in Pulse Connect Secure... CVE-2021-30201 Authenticated XML External Entity vulnerability in Kaseya VS... CVE-2021-30121 Authenticated local file inclusion in Kaseya VSA < v9.5.6... CVE-2021-30120 2FA bypass in Kaseya VSA CVE-2021-30118 Unautheticated RCE in Kaseya VSA < v9.5.5... First things first, yes, Wietse Boonstra, a DIVD researcher, has previously identified a number of the zero-day vulnerabilities [CVE-2021-30116] which are currently being used in the ransomware attacks. Once Kaseya was aware of our reported vulnerabilities, we have been in constant contact and cooperation with them. So, in summary: DIVD has been in a Coordinated Vulnerability Disclosure process with Kaseya, who was working on a patch.	./cache/csirt-divd-nl-1063.html	./txt/csirt-divd-nl-1063.txt