Cyber Security News

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Cyware

### #VeeamSecurity #RemoteCodeExecution #PatchManagement

Summary: Veeam has issued critical security updates to address a severe vulnerability in its Service Provider Console that could allow remote code execution. Users are urged to upgrade to the latest version to mitigate risks associated with these vulnerabilities.

Threat Actor: Unknown | unknown
Victim: Veeam Service Provider Console | Veeam Service Provider Console

Key Point :

  • Critical vulnerability CVE-2024-42448 has a CVSS score of 9.9, enabling potential remote code execution on affected systems.
  • Another vulnerability, CVE-2024-42449, with a CVSS score of 7.1, could lead to NTLM hash leakage and unauthorized file deletion.
  • Both vulnerabilities affect Veeam Service Provider Console versions 8.1.0.21377 and earlier; users must upgrade to version 8.1.0.21999 to secure their systems.
  • No mitigations are available; upgrading is the only solution to address these critical flaws.
  • Threat actors have exploited flaws in Veeam products to deploy ransomware, highlighting the urgency for users to act quickly.
Critical RCE Vulnerability

Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.

The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing.

“From the VSPC management agent machine, under the condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine,” Veeam said in an advisory.

Cybersecurity

Another defect patched by Veeam relates to a vulnerability (CVE-2024-42449, CVSS score: 7.1) that could be abused to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine.

Both the identified vulnerabilities affect Veeam Service Provider Console 8.1.0.21377 and all earlier versions of 7 and 8 builds. They have been addressed in version 8.1.0.21999.

Veeam further said there are no mitigations to fix the problems, and that the only solution is to upgrade to the latest version of the software.

With flaws in Veeam products being abused by threat actors to deploy ransomware, it’s imperative that users take action to secure their instances as soon as possible.

Source: https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html

Tags: PATCH, CVE, LEAK, VULNERABILITY

Check this following Post also