Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Veeam Urges Immediate Updates for Security

September 4, 2024
Reading Time: 2 mins read
in Alerts

Veeam recently issued a comprehensive security bulletin covering updates for multiple products, including Backup & Replication, Service Provider Console, and ONE. These updates address 18 high-severity vulnerabilities, many of which are critical and could allow attackers to execute remote code or bypass security controls. Given the role Veeam products play in managing and securing backup infrastructure, these vulnerabilities pose a significant risk, especially for enterprises that rely on them for data protection and continuity.

Among the vulnerabilities, CVE-2024-40711 is the most severe, with a CVSS score of 9.8, indicating a critical level of risk. This remote code execution flaw impacts Veeam Backup & Replication (VBR) and could be exploited without authentication, allowing attackers to take complete control of the system. Such access could enable ransomware operators to use VBR as a launch point for lateral attacks, potentially compromising entire networks and eliminating backup resources crucial for recovery. This flaw was disclosed through the HackerOne platform and affects VBR version 12.1.2.172 and earlier.

Other vulnerabilities addressed in this update include flaws that allow lower-privileged users to escalate privileges, bypass Multi-Factor Authentication (MFA), or intercept sensitive data like credentials. These issues not only threaten system integrity but also make VBR, Service Provider Console, and ONE attractive targets for cybercriminals looking to steal or alter sensitive information. Previous attacks by groups like the Cuba ransomware gang and FIN7 have highlighted the risks associated with unpatched Veeam software, where exploited flaws can result in devastating data breaches or ransomware demands.

Veeam recommends that users apply these security patches immediately to mitigate the potential for exploitation. Updated versions—12.2.0.334 for Backup & Replication, 8.1.0.21377 for Service Provider Console, and 12.2.0.4093 for ONE—contain essential fixes that address these vulnerabilities. The company has stressed the importance of timely updates to protect data and ensure Veeam software continues to provide a secure, resilient backup environment for users.

 

Reference:

  • Veeam Security Bulletin (September 2024)

Tags: Cyber AlertsCyber Alerts 2024Cyber threatsSeptember 2024VeeamVulnerabilities
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial