CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya...

CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya VSA Exploited to Distribute REvil Ransomware

On July 2, reports emerged that a number of companies whose networks are administered by managed service providers (MSPs) using Kaseya Virtual System Administrator (VSA), a remote monitoring and management (RMM) software from Kaseya Limited, became the victims of a large-scale ransomware attack.

On July 5, Kaseya confirmed that multiple zero-day vulnerabilities were used to target vulnerable VSA server instances, including an authentication bypass flaw and an arbitrary command execution vulnerability. Kaseya is expected to release a patch for customers soon and has instructed Kaseya VSA on-premise customers to shut down their VSA servers until the patch is available.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

CVE-2021-30116: Multiple Zero-Day Vulnerabilities in Kaseya...

Recent Discussions

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Microsoft Patch Tuesday 2025 Year in Review

Americas

Europe

Asia / Australia