Veeam patches critical security flaw

Share post:

Veeam Software has patched CVE-2023-27532, a critical security flaw in its widely used Veeam Backup & Replication solution and urges customers to apply the fix as soon as possible.

“This affects all Veeam Backup & Replication versions. We have developed patches for V11 and V12 to mitigate this vulnerability and we recommend you update your installations immediately” Veeam told customers, saying that the bug, CVE-2023-27532, was reported via its vulnerability disclosure programme.

In an email notifying user of the flaw and the need to patch, Veeam said, “If you use an all-in-one Veeam appliance with no remote backup infrastructure components, you can also block external connections to port TCP 9401 in the backup server firewall as a temporary remediation until the patch is installed.”

Shanigen, a security researcher, reported the flaw in mid-February, and it affects all Veeam Backup & Replication (VBR) versions. It enables an unauthenticated user to request encrypted credentials, potentially granting access to backup infrastructure hosts. After obtaining encrypted credentials from the VeeamVBR configuration database, unauthenticated attackers can use it to gain access to backup infrastructure hosts.

The root cause of this flaw, according to Veeam’s advisory, is the Veeam.Backup.Service.exe (which by default runs on TCP 9401), which allows unauthenticated users to request encrypted credentials. Veeam then released a patch to address the vulnerability in builds 12 (build 12.0.0.1420 P20230223) and 11a (build 11.0.1.1261 P20230227).

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways