{"id":991176,"date":"2024-10-16T13:45:35","date_gmt":"2024-10-16T13:45:35","guid":{"rendered":"https:\/\/binaryms.co.uk\/?p=991176"},"modified":"2024-10-16T13:58:09","modified_gmt":"2024-10-16T13:58:09","slug":"high-risk-veeam-vulnerability-what-do-you-need-to-know","status":"publish","type":"post","link":"https:\/\/binaryms.co.uk\/index.php\/2024\/10\/16\/high-risk-veeam-vulnerability-what-do-you-need-to-know\/","title":{"rendered":"High risk Veeam vulnerability, what do you need to know?"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

A vulnerability has been identified and reported within the Veeam platform, identification for this is CVE-2024-40711. It has been classified as critical. Reported by Florian Hauser with Code White Gmbh the vulnerability is currently under active exploitation.<\/p>

The exploit is being used by ransomware groups to create new local administrator accounts to carry out further attacks off the back of this. This has been classed as RCE exploit which stands for \u2018Remote Code Execution\u2019 and is one of the most serious vulnerabilities.<\/p>

Corporate backup and disaster recovery solutions are one of the biggest targets for attackers usually for some kind of profit gain off the back of a cyber attack.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

Solution<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\tIt has been told by Veeam that the issue can be resolved by updating Veeam applications to the latest version and should be done so as soon as possible, details can be found at the link below\u2026\n

\nhttps:\/\/www.veeam.com\/kb4649<\/a>\n

\nProducts that have been identified are below\u2026\n