Update Now or Pay Later: Critical Veeam Security Flaws Put Data at Risk

Update Veeam Backup Enterprise Manager to thwart hackers exploiting a critical security flaw tracked as CVE-2024-29849. This vulnerability lets attackers log in as any user. Other issues include account takeovers and log access. Version 12.1.2.172 fixes all flaws. Don’t risk it—patch now!

3P
Published: May 22, 2024 4:30 amAdded: August 16, 2024 at 2:02 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Veeam users, it’s time to patch up those gaps before the cyber bandits waltz in like they own the place! Your backups shouldn’t be the ones needing a backup plan.

Key Points:

  • Critical flaw CVE-2024-29849 could let attackers bypass authentication and waltz into Veeam Backup Enterprise Manager.
  • Additional vulnerabilities include account takeover via NTLM relay, NTLM hash theft, and backup session log access.
  • All issues are resolved in version 12.1.2.172, so update ASAP.
  • Recent fixes also addressed a local privilege escalation flaw and a remote code execution bug.
  • Past exploits by threat groups like FIN7 and Cuba underline the urgency of these updates.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?