We would like to bring your attention to the following unauthenticated remote code execution vulnerability within Veeam Backup & Replication. This issue is being tracked as CVE-2022-26500 & CVE-2022-26501 and has been given the CVSS v3 score of 9.8.
At this time we are unaware of any proof of concept attacks or exploits for this issue being available in the wild, we will continue to monitor the situation around this.
Am I Effected?
Versions of Veeam prior to the following versions are known to be vulnerable (including the unsupported version 9.5):
-
11a (build 11.0.1.1261 P20220302)
-
10a (build 10.0.1.4854 P20220304)
Remediation
Apply the patches provided by Veeam to your Veeam Backup and Replication Server:
References
-
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26500
-
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26501
Santa: The OG Ethical Hacker Smashing Your Home Security Since Forever
What’s red, white, and better at breaking into your home than anyone? That’s right—Santa Claus. Every year, this bearded infiltrator outpaces your security with his elite…
CovertSwarm Secures Spot in TechRound’s Top 100 for 2024
We’re buzzing with excitement to share some incredible news—CovertSwarm has been ranked #31 in TechRound’s prestigious Top 100 list for 2024! This recognition underscores the relentless…
Is Your Business Secured Like an Egg or an Onion?
Cybersecurity isn’t about building an impenetrable shell; it’s about creating a resilient system that keeps attackers out—or contains them if they get in.