13 C
New York
Thursday, October 17, 2024

Veeam Releases Safety Updates to Repair 18 Flaws, Together with 5 Vital Points


Sep 05, 2024Ravie LakshmananRisk Prevention / Software program Safety

Veeam Releases Safety Updates to Repair 18 Flaws, Together with 5 Vital Points

Veeam has shipped safety updates to handle a complete of 18 safety flaws impacting its software program merchandise, together with 5 vital vulnerabilities that would end in distant code execution.

The listing of shortcomings is beneath –

  • CVE-2024-40711 (CVSS rating: 9.8) – A vulnerability in Veeam Backup & Replication that permits unauthenticated distant code execution.
  • CVE-2024-42024 (CVSS rating: 9.1) – A vulnerability in Veeam ONE that permits an attacker in possession of the Agent service account credentials to carry out distant code execution on the underlying machine
  • CVE-2024-42019 (CVSS rating: 9.0) – A vulnerability in Veeam ONE that permits an attacker to entry the NTLM hash of the Veeam Reporter Service service account
  • CVE-2024-38650 (CVSS rating: 9.9) – A vulnerability in Veeam Service Supplier Console (VPSC) that permits a low privileged attacker to entry the NTLM hash of the service account on the server
  • CVE-2024-39714 (CVSS rating: 9.9) – A vulnerability in VPSC that allows a low-privileged consumer to add arbitrary recordsdata to the server, leading to distant code execution on the server

As well as, the September 2024 updates tackle 13 different high-severity flaws that would allow privilege escalation, multi-factor authentication (MFA) bypass, and execute code with elevated permissions.

Cybersecurity

All the problems have been addressed within the beneath variations –

  • Veeam Backup & Replication 12.2 (construct 12.2.0.334)
  • Veeam Agent for Linux 6.2 (construct 6.2.0.101)
  • Veeam ONE v12.2 (construct 12.2.0.4093)
  • Veeam Service Supplier Console v8.1 (construct 8.1.0.21377)
  • Veeam Backup for Nutanix AHV Plug-In v12.6.0.632
  • Veeam Backup for Oracle Linux Virtualization Supervisor and Crimson Hat Virtualization Plug-In v12.5.0.299

With flaws in Veeam software program Customers changing into a profitable goal for menace actors to serve ransomware, customers are suggested to replace to the newest model as quickly as potential to mitigate potential threats.

Discovered this text fascinating? Comply with us on Twitter and LinkedIn to learn extra unique content material we put up.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles