SUMMARY
- Critical Flaw in Veeam VSPC: A severe vulnerability (CVE-2024-42448) rated 9.9 CVSS allows remote code execution on affected systems.
- Second Vulnerability Identified: CVE-2024-42449 (CVSS 7.1) enables NTLM hash leaks and file deletion, threatening data integrity.
- Affected Versions: Veeam Service Provider Console versions 8.1.0.21377 and earlier in the 7 and 8 builds are vulnerable.
- Critical Flaw in Veeam VSPC: A severe vulnerability (CVE-2024-42448) rated 9.9 CVSS allows remote code execution on affected systems.
- Patch Released: Veeam has issued a patched version, 8.1.0.21999, to address both security flaws.
- Urgent Action Needed: Experts stress immediate updates to avoid system compromise and operational impacts.
Veeam, a leading provider of backup, recovery, and data management solutions, has issued urgent security updates to address two security vulnerabilities in its Service Provider Console (VSPC). One of these flaws is classified as critical and could allow attackers to execute code remotely on affected systems.
The most severe vulnerability tracked as CVE-2024-42448, is rated 9.9 out of 10 on the Common Vulnerability Scoring System (CVSS). This high score indicates that the flaw is easy to exploit and can have serious consequences.
Specifically, CVE-2024-42448 allows someone with control over a management agent to run malicious code on the VSPC machine. This could let attackers take over the system, steal data, or shut down services.
The second vulnerability, CVE-2024-42449, has a CVSS score of 7.1. This issue could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the server machine. Such actions could compromise system integrity and confidentiality, posing substantial risks to organizations relying on Veeam’s services.
Patch Available
Both vulnerabilities affect Veeam Service Provider Console version 8.1.0.21377 and all earlier versions in the 7 and 8 builds. Veeam has released a patched version, 8.1.0.21999, which addresses these security issues. The company strongly recommends that all users update their systems immediately to mitigate potential threats.
Jason Soroko, Senior Fellow at Sectigo, a company specializing in certificate lifecycle management, emphasizes the gravity of these flaws. “The consequences of these vulnerabilities in Veeam Service Provider Console are significant,” he explains.
He stresses that it is vital to apply Veeam’s security updates right away. “Putting off this action leaves your systems open to attacks that could have major operational and security impacts,” Soroko warns. He advises that applying these updates should be at the top of the to-do list.
