Veeam has rolled out a set of critical security updates aimed at addressing 18 vulnerabilities across its software products. Among these, five are categorized as critical, with the potential to result in remote code execution (RCE) if left unpatched. With Veeam products becoming attractive targets for threat actors, these vulnerabilities pose a significant risk, making it essential for users to apply the latest updates.
Critical Vulnerabilities to Note
-
CVE-2024-40711 (CVSS score: 9.8)
This vulnerability in Veeam Backup & Replication allows unauthenticated remote code execution, posing a severe risk of compromise. -
CVE-2024-42024 (CVSS score: 9.1)
Found in Veeam ONE, this flaw allows an attacker with access to the Agent service account credentials to execute remote code on the machine. -
CVE-2024-42019 (CVSS score: 9.0)
Another vulnerability in Veeam ONE, this bug allows attackers to gain access to the NTLM hash of the Veeam Reporter Service service account. -
CVE-2024-38650 (CVSS score: 9.9)
This issue in Veeam Service Provider Console (VPSC) enables low-privileged attackers to retrieve the NTLM hash of the service account, granting potential access to sensitive data. -
CVE-2024-39714 (CVSS score: 9.9)
Also within VPSC, this flaw allows low-privileged users to upload arbitrary files to the server, leading to remote code execution.
Other High-Severity Vulnerabilities
In addition to the five critical vulnerabilities, the September 2024 updates address 13 other high-severity flaws. These include vulnerabilities that could lead to privilege escalation, multi-factor authentication (MFA) bypass, and the execution of code with elevated permissions.
Affected Products and Patch Information
All identified vulnerabilities have been addressed in the following updated versions of Veeam products:
- Veeam Backup & Replication 12.2 (build 12.2.0.334)
- Veeam Agent for Linux 6.2 (build 6.2.0.101)
- Veeam ONE v12.2 (build 12.2.0.4093)
- Veeam Service Provider Console v8.1 (build 8.1.0.21377)
- Veeam Backup for Nutanix AHV Plug-In v12.6.0.632
- Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization Plug-In v12.5.0.299
The Importance of Updating
With ransomware groups increasingly targeting Veeam software, it is crucial for users to update to the latest version as soon as possible. The vulnerabilities, if exploited, could allow unauthorized access, enabling attackers to infiltrate systems and deliver malicious payloads.
Updating to the newest version ensures that these critical security flaws are mitigated, reducing the risk of compromise.