CVE-2024-28222 (CVSS 9.8): Veritas NetBackup Remote Code Execution Vulnerability

CVE-2024-28222

A severe security vulnerability (CVE-2024-28222) has been uncovered in Veritas NetBackup, the widely used enterprise backup solution. This flaw, with a near-perfect CVSS score of 9.8, could allow unauthenticated hackers to remotely execute malicious code on NetBackup servers and clients.

CVE-2024-28222 stems from inadequate validation of file paths in the NetBackup BPCD process, which allows an unauthenticated attacker to upload a custom file and have it executed.
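
The flaw class described above, a file path taken from the caller and used without checking where it actually points, is worth seeing next to its fix. The following is an added illustration written for this article, not Veritas's BPCD code: `BASE_DIR`, the request names and the temporary directory layout are constructed for the demo. It shows the weak join-and-use pattern beside a hardened version that resolves the path (symlinks included) and requires it to stay inside the allowed directory.

```python
import os
import tempfile

# Added illustration of the flaw class named in the article (inadequate file path
# validation before a file is written). Generic example code, not Veritas's BPCD
# implementation; BASE_DIR and the request names are constructed for the demo.
BASE_DIR = "/var/lib/example_store"

def unsafe_target(base_dir: str, requested: str) -> str:
    """The weak pattern: trust the caller-supplied name and join it under base_dir.
    os.path.join discards base_dir when `requested` is absolute, and '..' segments
    are never checked, so the result may point anywhere on the filesystem."""
    return os.path.join(base_dir, requested)

def safe_target(base_dir: str, requested: str) -> str:
    """The hardened pattern: resolve both paths (following symlinks) and require
    the candidate to sit strictly inside base_dir before it is used."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes the allowed directory: {requested!r}")
    return candidate

def classify(base_dir: str, names: list[str]) -> dict[str, str]:
    """Run the hardened check over a batch of requested names."""
    verdicts = {}
    for name in names:
        try:
            safe_target(base_dir, name)
            verdicts[name] = "accepted"
        except ValueError:
            verdicts[name] = "rejected"
    return verdicts

def symlink_escape_demo() -> str:
    """A prefix check on the unresolved string would miss this case: a symlink
    inside the base directory that points outside it. realpath() follows the
    link, so the hardened check still rejects the request."""
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "store")
        outside = os.path.join(tmp, "outside")
        os.makedirs(base)
        os.makedirs(outside)
        os.symlink(outside, os.path.join(base, "link"))
        return classify(base, ["link/escaped.dat"])["link/escaped.dat"]

if __name__ == "__main__":
    # The unchecked join lets an absolute name replace the base directory entirely.
    print(unsafe_target(BASE_DIR, "/etc/hostname"))
    print(classify(BASE_DIR, ["jobs/run1.dat", "../../tmp/escaped.dat", "/etc/hostname"]))
    print(symlink_escape_demo())
```

The important design choice is to compare resolved paths rather than the strings the caller supplied: string-prefix checks are defeated by `..` segments, absolute names and symlinks, while `realpath` plus `commonpath` evaluates the location the write would really land on.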

What This Means For You

If your organization relies on NetBackup for data protection and you are running a version before 8.1.2 (NetBackup) or 3.1.2 (NetBackup Appliance), your systems are at risk. Attackers could potentially:

  • Steal sensitive data: Access your most critical backups.
  • Deploy ransomware: Encrypt backups and cripple your recovery efforts.
  • Take over systems: Gain a foothold within your network to launch wider attacks.

A History of Exploited NetBackup Flaws

Veritas products are prime targets for hackers. In April 2023, a separate flaw in NetBackup (CVE-2021-27877) was added to CISA’s catalog of actively exploited vulnerabilities. Threat actors, including the infamous BlackCat ransomware gang, were quick to weaponize this flaw in devastating attacks.

Don’t Become the Next Victim: Act Now

The best defense is immediate action:

  1. Upgrade ASAP: If you haven’t already, upgrade all vulnerable NetBackup instances to version 8.3.0.2 or later (NetBackup), or 3.3.0.2 MR2 or later (NetBackup Appliance).
  2. Assess Your Risk: Review your entire IT landscape for potential exposure and take additional protective measures as needed.
  3. Stay Vigilant: Monitor security alerts from Veritas and patch any future vulnerabilities promptly.
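
Steps 1 and 2 amount to an inventory check: every NetBackup server, client and appliance whose version is older than the fixed release needs the upgrade. The script below is an added example for this article, not a Veritas tool. It takes the upgrade targets the article names (8.3.0.2 for NetBackup, 3.3.0.2 MR2 for the appliance) as the thresholds; the inventory lines are constructed, and treating a trailing `MR<n>` as a maintenance-release number that sorts after the dotted version is an assumption about how appliance versions are written.

```python
import re

# Added example, not a Veritas tool. The fixed versions below are the upgrade
# targets the article names; the inventory lines and the "MR<n>" suffix handling
# for appliance releases are constructed assumptions for this demo.
FIXED_VERSIONS = {
    "NetBackup": "8.3.0.2",
    "NetBackup Appliance": "3.3.0.2 MR2",
}

_VERSION_RE = re.compile(r"\s*(\d+(?:\.\d+)*)(?:\s*MR(\d+))?\s*$", re.IGNORECASE)

def parse_version(text: str) -> tuple[tuple[int, ...], int]:
    """Turn '8.3.0.2' or '3.3.0.2 MR2' into a comparable key: the numeric
    components (padded with zeros to at least four) plus the MR number."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))
    maintenance = int(m.group(2)) if m.group(2) else 0
    return tuple(parts), maintenance

def is_vulnerable(product: str, version: str) -> bool:
    """True when the installed version is older than the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSIONS[product])

# Constructed inventory: hostname, product, installed version.
INVENTORY = """\
bkp-master-01,NetBackup,8.1.1
bkp-media-02,NetBackup,8.3.0.2
bkp-media-03,NetBackup,10.1
appl-01,NetBackup Appliance,3.3.0.2 MR1
appl-02,NetBackup Appliance,3.3.0.2 MR2
"""

def audit(inventory_csv: str) -> list[str]:
    """Return the hostnames that still need the upgrade, in inventory order."""
    needs_upgrade = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, product, version = (field.strip() for field in line.split(",", 2))
        if is_vulnerable(product, version):
            needs_upgrade.append(host)
    return needs_upgrade

if __name__ == "__main__":
    for host in audit(INVENTORY):
        print(f"{host}: upgrade required")
```

Version strings are compared as numeric tuples rather than as text so that `10.1` sorts after `8.3.0.2`, and an appliance on `3.3.0.2 MR1` is still flagged even though its dotted version matches the fixed release.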

The Stakes Are Too High

NetBackup often safeguards an organization’s most valuable asset – its data. A breach could have devastating consequences, from financial loss to reputational damage. Don’t underestimate the seriousness of this vulnerability or the ruthlessness of those who seek to exploit it.