Attack

CISA reports active exploitation of NAKIVO Backup Software vulnerability

Take action: If you use NAKIVO Backup & Replication software, plan a quick patch - the flaw is actively exploited. First make sure it's isolated from the internet, and then update ASAP to version 11.0.0.88174 or newer.

Learn More

The Cybersecurity and Infrastructure Security Agency (CISA) is reporting active exploitation of a high-severity vulnerability affecting NAKIVO's backup and replication software.

The vulnerability, tracked as CVE-2024-48248 (CVSS score 8.6), is a path traversal issue, marked as "critical" by NAKIVO in their security advisory.

"This vulnerability allows attackers to read arbitrary files on the affected system without authentication," NAKIVO stated in their advisory. "Exploiting this vulnerability could expose sensitive data, including configuration files, backups, and credentials, potentially leading to data breaches or further security compromises."
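The defect class described in the advisory, as an added illustration that is not NAKIVO's code (the web root is a constructed placeholder): a naive path join that lets `../` sequences escape the document root, beside a hardened lookup that decodes, canonicalises and confines the result to the root.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Constructed document root for the illustration; not a NAKIVO path.
WEB_ROOT = "/srv/app/static"


def resolve_naive(requested: str, root: str = WEB_ROOT) -> str:
    """The defect class: joining user input onto the root and only
    normalising it lets '../' walk out of the directory."""
    return os.path.normpath(os.path.join(root, requested.lstrip("/")))


def resolve_safe(requested: str, root: str = WEB_ROOT) -> Optional[str]:
    """Hardened lookup: decode, canonicalise, then refuse any result
    that is not inside the root. Returns None when the request is rejected."""
    # Decode twice so a double-encoded "%252e%252e" cannot bypass the check.
    decoded = unquote(unquote(requested))
    # Absolute paths and NUL bytes are never legitimate for a static lookup.
    if "\x00" in decoded or decoded.startswith(("/", "\\")):
        return None
    root_abs = os.path.realpath(root)
    # realpath also collapses symlinks, so the containment test below
    # is made on the final on-disk location rather than the textual path.
    candidate = os.path.realpath(os.path.join(root_abs, decoded))
    # commonpath, not startswith: "/srv/app/static2" must not pass as
    # being under "/srv/app/static".
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        return None
    return candidate
```

The naive resolver returns `/etc/passwd` for `../../../etc/passwd`, while the hardened one returns `None` for that request, for its URL-encoded and double-encoded forms, and for an absolute path.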

The vulnerability was discovered by cybersecurity firm watchTowr.

NAKIVO has released a fix for the vulnerability in Backup & Replication v11.0.0.88174. CISA has advised immediate patching for federal and civilian organizations, with an April 9, 2025 patching deadline for Federal Civilian Executive Branch (FCEB) agencies, in accordance with BOD 22-01.

The vulnerability could allow attackers to access sensitive information within enterprise environments. According to watchTowr, because NAKIVO's product supports various integrations within an organization's environment, including cloud services, the flaw could potentially allow an attacker to unlock "entire infrastructure environments."
