1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam

  /     /     /  
Publicated : 23/11/2024   Category : security


1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam


The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw.



A researcher has released a
proof-of-concept (PoC) exploit
and analysis for a critical vulnerability, tracked as CVE-2024-40711, used in Veeams backup and replication software.
As an unauthenticated remote code execution (RCE) flaw, the vulnerability has a CVSS score of 9.8 and threatens environments that are running versions 12.1.2.172 and below.
Initially reported for its high potential for exploitation, the vulnerability possesses an aging communication mechanism that makes it vulnerable to deserialization attacks. And it has an exploitation path that enables threat actors to create malicious payloads that bypass
the protective measures Veeam
has put in place.
While assessing the vulnerability, the security teams discovered 1,900 file modifications, 700 of which were deemed non-security related, indicating that Veeams patching process went beyond just CVE-2024-40711 and likely involved addressing a variety of other security flaws as well.
Veeam released two recommendations to address different components of the vulnerability. The first patch, version 12.1.2.172, made it so that low-level credentials were still required in order for threat actors to exploit the vulnerability. The second patch, version 12.2.0.334, fully resolves the flaw. Its possible that the vulnerability was more severe than Veeam initially let on, and that the first patch did not fully mitigate the RCE threat, leaving systems exposed and prompting a second attempt to patch.
Dark Reading has contacted Veeam for more information about its approach.
In the meantime, its recommended that enterprises apply the latest patch as soon as possible, since a PoC exploit for the vulnerability has been made publicly available on GitHub, giving attackers tools to launch their next attacks. 

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam