CVE-2024-33671

CVSS 3.1 Score 7.7 of 10 (high)

Details

Published Apr 26, 2024
CWE ID 73

Summary

CVE-2024-33671 is a newly disclosed vulnerability affecting Veritas Backup Exec versions prior to 22.2 HotFix 917391. This issue permits an attacker to execute arbitrary file deletion on protected files through the Deduplication Multi-threaded Streaming Agent. By manipulating the data stream during the backup process, an adversary can cause the deletion of specific files, potentially leading to data loss or unauthorized access. Organizations using these affected versions of Backup Exec are advised to apply the relevant patch as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share