Breach, Threat Management, Critical Infrastructure Security

CISA: Active exploitation of Veeam Backup & Replication flaws underway

Two critical vulnerabilities in Veeam's Backup & Replication enterprise backup offering have been noted by the Cybersecurity and Infrastructure Security Agency to be actively abused in attacks, prompting their inclusion in the agency's Known Exploited Vulnerabilities Catalog, reports SecurityWeek. Remote attackers could exploit the already patched flaws, tracked as CVE-2022-26500 and CVE-2022-26501, to enable arbitrary code execution and system takeovers, according to CISA. While CISA has not provided details on the attacks exploiting the vulnerabilities, both flaws were reported by CloudSEK in October to have been exploited by a weaponized remote code execution tool being promoted by various threat actors. "This is another reminder for companies and organizations to review their own internal cybersecurity efforts to ensure that software and operating systems are patched and updated, that identities are being securely managed, and that progress is being made towards the adoption of zero-trust technologies, including encryption," said Veeam Vice President of Enterprise Strategy Dave Russell. Three other vulnerabilities impacting Citrix, Fortinet, and Microsoft products have also been added to CISA's catalog.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.