December 4, 2024 at 12:45AM
Veeam released security updates for a critical vulnerability (CVE-2024-42448) in its Service Provider Console (VSPC) that allows remote code execution. A second vulnerability (CVE-2024-42449) can leak the NTLM hash of the VSPC server service account and allow file deletion on the VSPC server. There are no workarounds; the only fix is to upgrade to version 8.1.0.21999.
**Meeting Takeaways – December 4, 2024**
1. **Critical Vulnerability Identified:**
– **CVE-2024-42448**: A severe vulnerability in Veeam’s Service Provider Console (VSPC) permits potential remote code execution (RCE).
– **CVSS Score**: 9.9/10.0, a Critical rating.
– Vulnerability was discovered during internal testing.
2. **Secondary Vulnerability:**
– **CVE-2024-42449**: This vulnerability can leak the NTLM hash of the VSPC server service account and allow deletion of files on the VSPC server. A leaked NTLM hash can be abused offline (cracking) or relayed, so the service account should be treated as potentially exposed on any server that was reachable before patching.
– **CVSS Score**: 7.1, a High rating.
3. **Affected Versions:**
– Both vulnerabilities affect Veeam Service Provider Console version 8.1.0.21377 and all earlier version 7 and version 8 builds.
4. **Resolution:**
– Users must upgrade to **version 8.1.0.21999** (or later) to resolve both issues.
– Veeam provides no workaround or mitigation for either vulnerability; upgrading is the only fix.
5. **Urgent Action Required:**
– Earlier Veeam flaws have been exploited by threat actors to deploy ransomware, so affected users should treat this upgrade as urgent.
6. **Additional Information:**
– Stay updated by following Veeam on Twitter and LinkedIn for more security content and updates.
**Action Item:**
– Inventory every VSPC server, confirm each reports build 8.1.0.21999 or later, and upgrade any that do not as soon as possible. Because CVE-2024-42449 can expose the service account's NTLM hash, consider rotating that account's credential once the upgrade is complete on servers that were exposed while vulnerable.
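A small triage helper for the "check every VSPC build against the fixed version" step, added here as an example; it is not Veeam's code or part of the original article. The affected build (8.1.0.21377) and fixed build (8.1.0.21999) come from the advisory summary above; the hostnames and the sample inventory are constructed for illustration, and the helper assumes VSPC build strings are purely numeric dotted versions. The point it makes beyond the text is that a plain string comparison gets this wrong: "8.1.0.9999" sorts after "8.1.0.21999" as text but is an older build.

```python
"""Flag Veeam Service Provider Console builds that lack the fix for
CVE-2024-42448 / CVE-2024-42449.

Added example, not Veeam's code. Build numbers are taken from the advisory
summary; the inventory below is constructed sample data.
"""

FIXED_BUILD = "8.1.0.21999"          # first build containing the fix (per advisory)
LAST_AFFECTED_BUILD = "8.1.0.21377"  # highest affected build named in the advisory


def parse_build(version: str) -> tuple[int, ...]:
    """Turn a dotted build string such as '8.1.0.21377' into a tuple of ints.

    Numeric tuples compare component by component, which is what we need;
    comparing the raw strings would rank '8.1.0.9999' above '8.1.0.21999'.
    Assumes VSPC build strings are purely numeric; anything else is rejected.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric dotted build string: {version!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True if this build is below the fixed build.

    The advisory lists 8.1.0.21377 and every earlier 7.x and 8.x build as
    affected and 8.1.0.21999 as the fix, so 'below the fixed build' is the
    practical test. A shorter string like '8.1.0' is treated as older than
    '8.1.0.21999' and therefore flagged.
    """
    return parse_build(version) < parse_build(FIXED_BUILD)


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Split a {hostname: build} inventory into hosts needing the upgrade
    and hosts already on a fixed build. Hostnames are returned sorted so
    the output is stable for reporting."""
    result: dict[str, list[str]] = {"upgrade_required": [], "fixed": []}
    for host, build in sorted(inventory.items()):
        bucket = "upgrade_required" if is_affected(build) else "fixed"
        result[bucket].append(host)
    return result


# Constructed sample inventory: hostnames and builds are made up for the example.
SAMPLE_INVENTORY = {
    "vspc-01": "8.1.0.21377",  # last affected build from the advisory
    "vspc-02": "7.0.0.100",    # a hypothetical older 7.x build
    "vspc-03": "8.1.0.21999",  # fixed build from the advisory
    "vspc-04": "8.1.0.9999",   # hypothetical; looks "newer" than 8.1.0.21999 as a string
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Feed `triage` whatever your asset inventory exports (a CMDB dump, a spreadsheet column, output collected from each server); the only requirement is a hostname-to-build mapping. Hosts in `upgrade_required` are the ones to patch and, given the NTLM hash exposure, the ones whose service account credential deserves a look afterwards.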