Veeam Backup & Replication Faces RCE Flaw– CVE-2024-40711 (CVSS 9.8) Allows Full System Takeover

A series of critical vulnerabilities have been uncovered in Veeam Backup & Replication, potentially exposing organizations to unauthorized access, remote code execution, and data breaches. The most severe vulnerability (CVE-2024-40711, CVSS 9.8) allows unauthenticated attackers to execute code remotely, granting them full control over the affected system.

These vulnerabilities impact various aspects of Veeam Backup & Replication, including:

• Remote Code Execution (RCE): Multiple vulnerabilities enable attackers to execute malicious code on the system, even with low-privileged user accounts (CVE-2024-40710, CVE-2024-40711).
• Multi-Factor Authentication (MFA) Bypass: A flaw allows low-privileged users to modify MFA settings and bypass this crucial security layer (CVE-2024-40713).
• Sensitive Information Disclosure: Attackers can extract saved credentials and passwords from the system, potentially leading to further compromise (CVE-2024-40710).
• Unauthorized File Deletion: Low-privileged users can remotely delete files with the same permissions as the service account (CVE-2024-39718).
• Credential Interception: A TLS certificate validation vulnerability allows attackers on the same network to intercept sensitive credentials during restore operations (CVE-2024-40714).
• Local Privilege Escalation (LPE): A path traversal vulnerability enables attackers with local access to escalate their privileges on the system (CVE-2024-40712).

The urgency of this situation cannot be overstated. Organizations relying on Veeam Backup & Replication for data protection are strongly urged to apply the latest patch (Veeam Backup & Replication 12.2 build 12.2.0.334) immediately. These vulnerabilities pose a significant risk to the confidentiality, integrity, and availability of critical data.

Related Posts:

• CVE-2024-38650 & CVE-2024-39714 (CVSS 9.9): Critical Flaws in Veeam Console Put Data at Risk
• CVE-2024-20017 (CVSS 9.8): Zero-Click Exploit Discovered in Popular Wi-Fi Chipsets, PoC Published
• CISA Alert: CVE-2023-27532 & CVE-2023-38035 Vulnerabilities Being Exploited in Attacks
• Veeam Users Beware: PoC Exploit for Critical CVE-2024-29849 Flaw Released
• EstateRansomware Exploits Veeam Vulnerability (CVE-2023-27532) in Sophisticated Attack
• Veeam Patches Critical Security Flaw in Recovery Orchestrator (CVE-2024-29855)