Press "Enter" to skip to content

Veeam Backup and Replication Vulnerabilities Being Used in Attacks: CISA Alert

Veeam Backup and Replication Vulnerabilities Being Used in Attacks: CISA Alert

Veeam Backup and Replication Vulnerabilities Being Used in Attacks: CISA Alert

Due to active exploitation in the field, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities affecting the Veeam Backup & Replication software to its Known Exploited Vulnerabilities (KEV) Catalog.

The two recently patched major issues, identified as CVE-2022-26500 and CVE-2022-26501. The both have a CVSS score of 9.8 and could be used to take over a target system.

ALSO, READ How To Protect Your Bank Account From Hackers (2023)

Veeam stated in an advisory released in March 2022 that “The Veeam Distribution Service (TCP 9380 by default) permits unauthenticated users to access core API functionalities.” The internal API may receive input from a remote attacker. This could result in the upload and execution of malicious code.

Versions 10a and 11a both fix the problems that affect product versions 9.5, 10, and 11. It is suggested that users of Veeam Backup & Replication 9.5 update to a supported version.

The flaws were found and reported by Nikita Petrov, a security researcher at the Russian cybersecurity company Positive Technologies.

Veeam Backup and Replication Vulnerabilities Being Used in Attacks: CISA Alert

On March 16, 2022, Petrov stated, “We expect that these vulnerabilities will be exploited in actual assaults. And will put many businesses at substantial risk.” Because of this, it’s crucial to apply updates as soon as they become available or at the very least. Also, take precautions to spot any unusual activity connected to these goods.

Details on the attacks exploiting these vulnerabilities are unknown as yet, but cybersecurity company CloudSEK disclosed in October that it observed multiple threat actors advertising a “fully weaponized tool for remote code execution” that abuse the two flaws.

Some of the possible consequences of successful exploitation are infection with ransomware, data theft, and denial of service, making it imperative that users apply the updates.

ALSO, READ How Hackers Are Exploiting Stolen Cookies To Attack Corporate Organisations – Research


CYBERINFORMER.NET –  brings updates on the latest cyber security tips, online safety tips and cyber information, cyber security courses for Nigerians and Foreigners, Cyber security jobs for seekers and much more

If You find This article helpful please comment, subscribe and share

Be First to Comment

Leave a Reply

Mission News Theme by Compete Themes.
%d bloggers like this: