Sep 05, 2024 | Ravie Lakshmanan | Threat Prevention / Software Security
Veeam has released security updates to fix a total of 18 vulnerabilities in its software products, including five critical flaws that could lead to remote code execution.
Here are some of the key vulnerabilities addressed:
- CVE-2024-40711 (CVSS score: 9.8) – Remote code execution in Veeam Backup & Replication.
- CVE-2024-42024 (CVSS score: 9.1) – Remote code execution in Veeam ONE.
- CVE-2024-42019 (CVSS score: 9.0) – Access to NTLM hash in Veeam ONE.
- CVE-2024-38650 (CVSS score: 9.9) – Access to NTLM hash in Veeam Service Provider Console (VSPC).
- CVE-2024-39714 (CVSS score: 9.9) – Arbitrary file upload in VSPC.
The updates in September 2024 also fix 13 other high-severity vulnerabilities that could result in privilege escalation, multi-factor authentication bypass, and elevated code execution.
The patched versions for the various products are listed below:
- Veeam Backup & Replication 12.2 (build 12.2.0.334)
- Veeam Agent for Linux 6.2 (build 6.2.0.101)
- Veeam ONE v12.2 (build 12.2.0.4093)
- Veeam Service Provider Console v8.1 (build 8.1.0.21377)
- Veeam Backup for Nutanix AHV Plug-In v12.6.0.632
- Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization Plug-In v12.5.0.299
Given the rise in attacks targeting Veeam software users, it’s crucial to update to the latest version promptly to protect against potential threats.
Update
Cybersecurity firm Rapid7 highlighted that over 20% of its incident response cases in 2024 involved Veeam being accessed or exploited after adversaries had gained a foothold in the target environment.