CVE-2024-42452

CVSS 3.0 Score 8.8 of 10 (high)

Details

Published Dec 4, 2024
CWE ID 863

Summary

CVE-2024-42452 is a newly disclosed vulnerability affecting Veeam Backup & Replication. This issue enables a low-privileged user to instigate an agent in server mode remotely, bypassing permission checks in the process. By exploiting this vulnerability, an attacker can escalate privileges to system-level access and upload files with elevated permissions. Ultimately, the vulnerability exposes the system to full compromise.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Veeam Backup & Replication

Affected Vendors

  • Veeam