Veeam warns of critical RCE flaw in Backup & Replication software

September 5, 2024 at 10:23AM

Veeam has released a security bulletin addressing 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and ONE. The most severe is a remote code execution vulnerability on Veeam Backup & Replication, posing a high risk of ransomware exploitation. Multiple critical vulnerabilities have also been identified in Service Provider Console and ONE. Users are advised to upgrade to the fixed versions as soon as possible.

Meeting Notes Summary:

1. Veeam has released a security bulletin addressing 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and ONE.

2. The most severe problem is CVE-2024-40711, a critical remote code execution vulnerability on Veeam Backup & Replication (VBR), with a CVSS v3.1 score of 9.8. This flaw can be exploited without authentication.

3. VBR plays a critical role in data protection for enterprises, making it a high-value target for ransomware operators. They often exploit VBR vulnerabilities to steal backups and disrupt recovery options.

4. Other critical flaws affecting Veeam Backup & Replication (VBR) versions 12.1.2.172 and older include remote code execution, sensitive data extraction, modification of Multi-Factor Authentication settings, weak TLS certificate validation, and path traversal. These have CVSS scores ranging from 7.8 to 8.8.

5. Veeam Service Provider Console and ONE products also faced critical-severity vulnerabilities, allowing attackers to perform remote code execution, access NTLM hashes, and upload arbitrary files onto the server.

6. All the mentioned issues were fixed in Veeam ONE version 12.2.0.4093 and Veeam Service Provider Console version 8.1.0.21377, and users are advised to upgrade to these versions promptly.
