Veeam reports critical flaws in Veeam ONE monitoring platform
Take action: Check whether your Veeam ONE instance is exposed to the internet. If it is, lock it down immediately so that it can be reached only from trusted networks. Then start patching; applying the hotfix is not a large job. Don't delay, because an attacker may still compromise the server even when it is not reachable from the internet, by first compromising an employee's endpoint.
Veeam, a software vendor that develops backup, disaster recovery, and intelligent data management software, has alerted users to critical vulnerabilities within its Veeam ONE monitoring tool.
The company has patched four security issues, with two being of particular severity due to their potential for remote code execution (RCE) and for enabling the theft of NTLM hashes from affected servers. The other two vulnerabilities, while less severe, could still pose risks through user interaction or have a more limited impact.
These vulnerabilities affect all actively supported versions of Veeam ONE up to the most recent release. Veeam has provided hotfixes for three different versions of Veeam ONE, with download links available in its security advisory.
A hotfix to resolve these vulnerabilities is available for the following versions:
To implement these hotfixes, administrators are required to halt the Veeam ONE monitoring and reporting services, replace certain files with those provided in the hotfixes, and then restart the services.
Veeam has a broad user base, claiming over 450,000 customers worldwide, including 82% of Fortune 500 companies and 72% of those in the Global 2,000 ranking, highlighting the importance of these security updates.