April 1, 2023

A high-severity vulnerability in the Veeam Backup Service has been addressed, that provides unapproved access to the threat actors, which will in turn paves way for data theft  

The security flaw tracked as CVE-2023-27532 with a CVSS score of 7.5, impacts all versions of Backup & Replication software versions.

An unauthenticated attacker can exploit the vulnerability to obtain the credentials stored in the Veeam VBR configuration database and use them to access backup infrastructure hosts.

Advertisements

As per the advisory, the root cause of the problem is the vulnerable Veeam.Backup.Service.exe (TCP 9401 by default) process that allows an unauthenticated user to request encrypted credentials.

The flaw was addressed with the release of the following Veeam Backup & Replication build numbers:

  • 12 (build 12.0.0.1420 P20230223)
  • 11a (build 11.0.1.1261 P20230227)

The patch must be installed on the Veeam Backup & Replication server. All new deployments of Veeam Backup & Replication versions 12 and 11 installed using the ISO images dated 20230223 (V12) and 20230227 (V11) or later are not vulnerable.

The workaround is in case customers can’t immediately apply the security updates and are using an all-in-one appliance with no remote backup infrastructure components. The vendor recommends blocking external connections to port TCP 9401 in the backup server firewall.

Tags:

Leave a Reply

You may have missed

Italy temporarily bans ChatGPT

Italy temporarily bans ChatGPT

April 1, 2023
Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
QNAP Critical Sudo Vulnerability

QNAP Critical Sudo Vulnerability

March 31, 2023
AlienFox Malware Toolset -SwissArmy Knife

AlienFox Malware Toolset -SwissArmy Knife

March 31, 2023
3CX Application Malvertised

3CX Application Malvertised

March 31, 2023
%d bloggers like this: