Veeam addressed a high-severity vulnerability in the Backup Service, tracked as CVE-2023-27532 (CVSS v3 score: 7.5), that impacts all versions of Backup & Replication software versions.
“Vulnerability CVE-2023-27532 in Veeam Backup & Replication component allows to obtain encrypted credentials stored in the configuration database. This may lead to gaining access to the backup infrastructure hosts.” reads the advisory published by the company.
An unauthenticated attacker can exploit the vulnerability to obtain the credentials stored in the VeeamVBR configuration database and use them to access backup infrastructure hosts.
According to the advisory, the root cause of the problem is the vulnerable Veeam.Backup.Service.exe (TCP 9401 by default) process that allows an unauthenticated user to request encrypted credentials.
The flaw was addressed with the release of the following Veeam Backup & Replication build numbers:
The company credited the security researcher known as Shanigen for reporting the CVE-2023-27532 flaw in mid-February.
Veeam also provides a workaround in case customers can’t immediately apply the security updates and are using an all-in-one appliance with no remote backup infrastructure components. The vendor recommends blocking external connections to port TCP 9401 in the backup server firewall.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, CVE-2023-27532)
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.