Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

PT FPT Metrodata Indonesia (FMI) is a joint venture between FPT IS and Metrodata Electronics, focusing on providing Cybersecurity-as-a-Service—including SOC, managed security, professional services, consulting, and threat intelligence—to support Indonesia’s rapidly growing digital economy. FMI is expanding into AI and cloud GPU services to deliver innovative protection and solutions for enterprises. Learn more at https://fmisec.com.
_Dec 04, 2024_Ravie LakshmananVulnerability / Ransomware
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.
The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing.
"From the VSPC management agent machine, under the condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine," Veeam said in an advisory.
Another defect patched by Veeam relates to a vulnerability (CVE-2024-42449, CVSS score: 7.1) that could be abused to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine.
Both the identified vulnerabilities affect Veeam Service Provider Console 8.1.0.21377 and all earlier versions of 7 and 8 builds. They have been addressed in version 8.1.0.21999.
Veeam further said there are no mitigations to fix the problems, and that the only solution is to upgrade to the latest version of the software.
With flaws in Veeam products being abused by threat actors to deploy ransomware, it's imperative that users take action to secure their instances as soon as possible.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
__Share
__Share on Facebook __Share on Twitter __Share on Linkedin __Share on Reddit __Share on Hacker News __Share on Email __Share on WhatsApp Share on Facebook Messenger __Share on Telegram
SHARE
cybersecurityNTLMransomwareremote code executionVeeamVulnerability





