"Serious Vulnerability Patched in Veeam Data Backup Solution"

Veeam recently announced patches for a severe vulnerability in its Backup & Replication solution that could lead to the exposure of credentials. A backup solution for virtual environments, Veeam Backup & Replication supports virtual machines running on Hyper-V, Nutanix AHV, and vSphere, as well as servers, workstations, and cloud-based workloads.

The vulnerability is tracked as CVE-2023-27532 (CVSS score of 7.5) and allows an attacker to obtain the encrypted credentials that are stored in the configuration database. The company stated that the vulnerable process, Veeam.Backup.Service.exe (TCP 9401 by default), allows an unauthenticated user to request encrypted credentials. According to the company, successful exploitation of the security defect could provide attackers with access to the backup infrastructure hosts.

All Veeam Backup & Replication versions are impacted by this issue. Patches were included in application versions 12 (build 12.0.0.1420 P20230223) and 11a (build 11.0.1.1261 P20230227). The company noted that new deployments installed using the ISO images dated February 23 (version 12) and February 27 (version 11) or later are not vulnerable. Users of older Veeam Backup & Replication versions are advised to update to a supported version as soon as possible.
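As an added example (not code from SecurityWeek or Veeam), the following Python check classifies Veeam Backup & Replication build strings from an asset inventory against the two fixed builds named above. The hostnames and builds in the sample inventory are constructed; because the fixed builds are identified by their `P<date>` patch tag, a build string on the same numeric build without that tag is treated as unpatched.

```python
import re
from typing import Dict, NamedTuple, Tuple


class Build(NamedTuple):
    numeric: Tuple[int, int, int, int]  # e.g. (12, 0, 0, 1420)
    patch: int                          # YYYYMMDD from the 'P' tag, 0 when absent


# Accepts "12.0.0.1420" or "12.0.0.1420 P20230223".
BUILD_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(?:\s+P(\d{8}))?$")


def parse_build(text: str) -> Build:
    """Parse a Veeam B&R build string into a comparable Build tuple."""
    m = BUILD_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised build string: {text!r}")
    numeric = tuple(int(x) for x in m.groups()[:4])
    patch = int(m.group(5)) if m.group(5) else 0
    return Build(numeric, patch)  # type: ignore[arg-type]


# Fixed builds for CVE-2023-27532, keyed by major version (from the advisory summary).
FIXED_BUILDS: Dict[int, Build] = {
    12: parse_build("12.0.0.1420 P20230223"),
    11: parse_build("11.0.1.1261 P20230227"),
}


def is_vulnerable(text: str) -> bool:
    """True when the build predates the fix for its major version.

    Majors without a listed fix (e.g. 10.x and older) are unsupported and
    conservatively reported as vulnerable, matching the advice to upgrade.
    """
    build = parse_build(text)
    fixed = FIXED_BUILDS.get(build.numeric[0])
    if fixed is None:
        return True
    # Later numeric builds win; on the same numeric build the patch date decides.
    return (build.numeric, build.patch) < (fixed.numeric, fixed.patch)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host to 'vulnerable' or 'patched'."""
    return {h: ("vulnerable" if is_vulnerable(b) else "patched") for h, b in inventory.items()}


# Constructed sample inventory (hostnames and builds are made up for illustration).
SAMPLE_INVENTORY = {
    "vbr-prod-01": "12.0.0.1420 P20230223",  # patched v12
    "vbr-prod-02": "12.0.0.1420",            # v12 GA build, patch tag missing
    "vbr-dr-01": "11.0.1.1261 P20230227",    # patched 11a
    "vbr-lab-01": "11.0.1.1261",             # 11a without the patch
    "vbr-legacy-01": "10.0.0.1",             # unsupported branch
}
```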

SecurityWeek reports: "Serious Vulnerability Patched in Veeam Data Backup Solution"
