"2 Critical Bugs, 1 High-Severity Bug Affect Veeam Products"

Two Veeam software products have been discovered to contain two critical vulnerabilities and one high-severity vulnerability. The exploitation of these vulnerabilities could allow attackers to perform Remote Code Execution (RCE) and enable Local Privilege Escalation (LPE) on a victim's system. According to Nikita Petrov, a security researcher at the cybersecurity firm Positive Technologies who found the bugs, two of the vulnerabilities were discovered in Veeam's backup and replication solution. Petrov says they can be used in the execution of ransomware, data theft, and Denial-of-Service (DoS) attacks by allowing attackers to gain initial access, disclose information, encrypt data, and more. The third vulnerability found in Veeam's Agent for Microsoft Windows allows LPE, thus enabling an attacker to run arbitrary code with LOCAL SYSTEM privileges. Exploiting this vulnerability can allow attackers to gain access to a compromised node's resources with maximum privileges. The information stored on a personal computer or server could be used by malicious actors to plan and conduct future attacks. Further compromise of the domain account can lead to attackers gaining access to information located on the local network. Veeam revealed that the flaw stems from Microsoft .NET data serialization mechanisms used in Windows. Veeam has patched all three vulnerabilities, but there are no workarounds for them. If users cannot patch the vulnerabilities immediately, they must monitor abnormal activity concerning nodes with vulnerable products and check event logs for new privileged user accounts and access to sensitive files. This article continues to discuss the vulnerabilities found in Veeam's backup and replication solution and the patches released for them. 

DataBreachToday reports "2 Critical Bugs, 1 High-Severity Bug Affect Veeam Products"