Veeam has released security updates to address a total of 18 security flaws affecting its software products, including five critical vulnerabilities that could lead to remote code execution.
The list of critical flaws is given below –
- CVE-2024-40711 (CVSS score: 9.8) – Vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.
- CVE-2024-42024 (CVSS score: 9.1) – Vulnerability in Veeam ONE that could allow an attacker with agent service account credentials to perform remote code execution on the host machine.
- CVE-2024-42019 (CVSS score: 9.0) – Vulnerability in Veeam ONE that allows an attacker to access the NTLM hash of the Veeam Reporter Service account.
- CVE-2024-38650 (CVSS score: 9.9) – A vulnerability in the Veeam Service Provider Console (VSPC) that allows a low-privileged attacker to access the NTLM hash of a service account on a server.
- CVE-2024-39714 (CVSS score: 9.9) – Vulnerability in VSPC that could allow a low-privileged user to upload arbitrary files to a server, leading to remote code execution on the server.
In addition, the September 2024 updates address 13 other high-severity vulnerabilities that could allow privilege escalation, multifactor authentication (MFA) bypass, and code execution with elevated permissions.
All the issues have been addressed in the following versions –
- Veeam Backup & Replication 12.2 (build 12.2.0.334)
- Veeam Agent for Linux 6.2 (build 6.2.0.101)
- Veeam ONE v12.2 (build 12.2.0.4093)
- Veeam Service Provider Console v8.1 (build 8.1.0.21377)
- Veeam Backup for Nutanix AHV Plug-In v12.6.0.632
- Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization Plugin v12.5.0.299
Because flaws in Veeam’s software make its users a profitable target for threat actors deploying ransomware, users are advised to update to the latest version as soon as possible to reduce potential threats.