CVE-2024-45207
CVSS 3.0 Score 7 of 10 (high)
Details
Summary
CVE-2024-45207 is a new vulnerability affecting Veeam Agent for Windows. The issue arises when the system's PATH variable contains insecure directories. The agent searches these locations for required DLLs during execution. If an attacker places a malicious DLL in one of these directories, the Veeam Agent may unintentionally load it, resulting in code execution by the attacker. This vulnerability poses a significant risk, potentially leading to unauthorized access, data theft, or service disruptions. Users are advised to update their Veeam Agent for Windows installations and secure their PATH variables to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.