Summary of Bulletin:
- On May 21, 2024, Veeam disclosed a critical vulnerability in Veeam Backup Enterprise Manager, identified as CVE-2024-29849.
- This vulnerability allows an unauthenticated threat actor to log into the web interface as any user, posing a significant risk with a Common Vulnerability Scoring System (CVSS) score of 9.8. The affected application is an optional add-on application used to manage Veeam Backup & Replication via a web console in Veeam environments.
- We recommend that customers upgrade to the latest fixed version of Veeam Backup Enterprise Manager.
On May 21, 2024, Veeam disclosed a critical vulnerability in Veeam Backup Enterprise Manager, identified as CVE-2024-29849. This vulnerability allows an unauthenticated threat actor to log into the web interface as any user, posing a significant risk with a Common Vulnerability Scoring System (CVSS) score of 9.8. The affected application is an optional add-on application used to manage Veeam Backup & Replication via a web console in Veeam environments. There have been no reports of active exploitation in the wild, and Arctic Wolf has not identified a proof of concept (PoC) exploit for this vulnerability. Nonetheless, threat actors could potentially leverage CVE-2024-29849 to perform malicious actions such as gaining unauthorized access to sensitive data, manipulating data, or disrupting operations. While this specific application is not listed in CISA’s Known Exploited Vulnerabilities Catalog, several other Veeam vulnerabilities have been exploited in the past, such as CVE-2023-27532, which was used by ransomware threat actors in 2023 to target critical infrastructure.