Rapid7 says 6 vulnerabilities found in Veeam Backup and Replication

Cybersecurity firm Rapid7 has informed users of recovery software provider Veeam that some of the company’s products contain vulnerabilities.

Referring to Veeam’s September security bulletin, Rapid7 noted that six vulnerabilities were identified in the company’s popular Backup & Replication (VBR) solution, which lets enterprises back up and restore physical machines, cloud-based workloads and virtual environments.

The most notable is CVE-2024-40711, which affects VBR version 12.1.2.172 and is a “critical unauthenticated remote code execution issue” that could allow a threat actor to gain full control of a system and access and manipulate the data it contains.

The vulnerability has a CVSS score of 9.8, but has been rated “high” instead of “critical,” which “confirms that the exploit is completely unauthenticated,” according to Rapid7.

“While CVE-2024-40711 has received attention from security media and community members, we are not aware of any known exploits as of Monday, September 9, 2024,” it said.

Additionally, five other vulnerabilities were disclosed in VBR, including one that would allow remote deletion of system files (CVE-2024-39718), one that allows low-privileged roles to change multi-factor authentication (MFA) settings (CVE-2024-40713) and more.

“Veeam Backup and Replication customers should upgrade to the latest version of the software immediately, without waiting for a regular patch cycle,” Rapid7 said.

While, as mentioned above, there is no evidence to suggest that CVE-2024-40711 has been exploited in the wild, Veeam software vulnerabilities have been exploited by threat actors in the past, including ransomware groups.

“More than 20 percent of Rapid7 incident response cases in 2024 so far have involved accessing or exploiting Veeam in some way, typically once an adversary has already established a foothold in the target environment,” said Rapid7.