CVE-2024-42452
CVSS 3.0 Score 8.8 of 10 (high)
Details
Published Dec 4, 2024
CWE ID 863
Summary
CVE-2024-42452 is a newly disclosed vulnerability affecting Veeam Backup & Replication. This issue enables a low-privileged user to instigate an agent in server mode remotely, bypassing permission checks in the process. By exploiting this vulnerability, an attacker can escalate privileges to system-level access and upload files with elevated permissions. Ultimately, the vulnerability exposes the system to full compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Veeam Backup & Replication
Affected Vendors
- Veeam