{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-092.pdf"
    },
    "title": "Critical Vulnerability in Veeam",
    "serial_number": "2024-092",
    "publish_date": "06-09-2024 10:10:44",
    "description": "On September 5, 2024, Veeam disclosed a critical remote code execution (RCE) vulnerability tracked as CVE-2024-40711, affecting Veeam Backup & Replication (VBR). This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable systems (CVSS score: 9.8). VBR is a target for ransomware attacks, as it plays a key role in enterprise data protection.<br>\nUsers are advised to update to version 12.2.0.334 as soon as possible.<br>\n",
    "url_title": "2024-092",
    "content_markdown": "---\ntitle: 'Critical Vulnerability in Veeam'\nnumber: '2024-092'\nversion: '1.0'\noriginal_date: 'September 5, 2024'\ndate: 'September 6, 2024'\n---\n\n_History:_\n\n* _06/09/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn September 5, 2024, Veeam disclosed a critical remote code execution (RCE) vulnerability tracked as **CVE-2024-40711**, affecting Veeam Backup & Replication (VBR) [1]. This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable systems (CVSS score: 9.8). VBR is a target for ransomware attacks, as it plays a key role in enterprise data protection.\n\nUsers are advised to update to version 12.2.0.334 as soon as possible.\n\n# Technical Details\n\nThe vulnerability tracked as **CVE-2024-40711** enables remote, unauthenticated code execution on vulnerable VBR systems, potentially leading to lateral movement and full infrastructure compromise.\n\n# Affected Products\n\n- Veeam Backup & Replication versions 12.1.2.172 and earlier.\n\n# Recommendations\n\nCERT-EU recommends updating to VBR version 12.2.0.334 as soon as possible.\n\n# References\n\n[1] <https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/>",
    "content_html": "<p><em>History:</em></p><ul><li><em>06/09/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On September 5, 2024, Veeam disclosed a critical remote code execution (RCE) vulnerability tracked as <strong>CVE-2024-40711</strong>, affecting Veeam Backup &amp; Replication (VBR) [1]. This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable systems (CVSS score: 9.8). VBR is a target for ransomware attacks, as it plays a key role in enterprise data protection.</p><p>Users are advised to update to version 12.2.0.334 as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability tracked as <strong>CVE-2024-40711</strong> enables remote, unauthenticated code execution on vulnerable VBR systems, potentially leading to lateral movement and full infrastructure compromise.</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>Veeam Backup &amp; Replication versions 12.1.2.172 and earlier.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating to VBR version 12.2.0.334 as soon as possible.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/\">https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}