Issued: Wednesday, 26 October, 2022
Last Revision: Wednesday, 26 October, 2022
Vendor:
Product:
Severity Level:
CloudSEK has discovered several critical- and high-severity vulnerabilities affecting Veeam Backup & Replication that allow malicious code to be executed remotely without authentication.
Threat actors are actively advertising a fully weaponized tool for remote code execution to exploit these vulnerabilities.
| CVE/Vulnerability | Description | CVSS 3.0 Base Score | Exploitable |
|---|---|---|---|
| CVE-2022-26500 | Veeam Distribution Service | 9.8 | Yes |
| CVE-2022-26501 | Veeam Distribution Service | 9.8 | Yes |
| CVE-2022-26504 | Veeam Backup PSManager | 8.8 | Yes |
Table 1: Vulnerability details
| CVE/Vulnerability | Product(s) Detail |
|---|---|
| CVE-2022-26500 | Versions prior to 11a and 10a installed using the ISO images dated P20220302 or later |
| CVE-2022-26501 | Versions prior to 11a and 10a installed using the ISO images dated P20220302 or later |
| CVE-2022-26504 | Versions prior to 11a and 10a installed using the ISO images dated P20220302 or later |
Table 2: Vulnerable versions
We recommend that all entities follow the vendor's recommendation and update to the latest version.
