
Serious Vulnerability Patched in Veeam Data Backup Solution

This week, Veeam announced a patch for a severe vulnerability in its Backup & Replication solution that could lead to the exposure of credentials. The vulnerability, tracked as CVE-2023-27532, has a CVSS score of 7.5 and allows attackers to access the encrypted credentials stored in the configuration database. The patch is included in versions 12 (build 12.0.0.1420 P20230223) and 11a (build 11.0.1.1261 P20230227) of the software; users of older versions are advised to update to a supported version as soon as possible.

Veeam Backup & Replication supports virtual machines running on Hyper-V, Nutanix AHV, and vSphere, as well as servers, workstations, and cloud-based workloads. The vulnerability, discovered by penetration testing firm Code White, is relatively easy to exploit and could provide attackers with access to the backup infrastructure hosts. To protect against the vulnerability, users can either install the patch on the Veeam Backup & Replication server or block access to TCP port 9401 in the firewall.
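
As an added example (not Veeam's or this article's code), the script below classifies Backup & Replication build strings against the two fixed builds named above and checks whether TCP port 9401 on a server is still reachable from the machine it runs on. The inventory, the host names, and the rule that builds later than the fixed ones carry the fix are assumptions.

```python
import re
import socket

# Fixed builds as stated in the article: build number and patch date tag.
FIXED = {
    12: ((12, 0, 0, 1420), 20230223),
    11: ((11, 0, 1, 1261), 20230227),
}
BUILD_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)(?:\s+P(\d{8}))?\s*$")

# Constructed sample inventory (host names and builds are illustrative).
INVENTORY = {
    "vbr-a": "12.0.0.1420 P20230223",
    "vbr-b": "12.0.0.1420",
    "vbr-c": "11.0.1.1261 P20220302",
    "vbr-d": "10.0.1.4854",
}

def classify(build_string):
    """Return 'patched', 'vulnerable', 'unsupported' or 'unparsed'."""
    m = BUILD_RE.match(build_string)
    if not m:
        return "unparsed"
    build = tuple(int(x) for x in m.groups()[:4])
    patch = int(m.group(5)) if m.group(5) else 0  # no P tag: base build
    major = build[0]
    if major not in FIXED:
        # Assumption: majors above 12 postdate the fix; majors below 11
        # are the older versions that must move to a supported release.
        return "patched" if major > 12 else "unsupported"
    fixed_build, fixed_patch = FIXED[major]
    if build > fixed_build:
        return "patched"  # assumption: later builds carry the fix forward
    if build == fixed_build and patch >= fixed_patch:
        return "patched"
    return "vulnerable"

def port_open(host, port=9401, timeout=3.0):
    """True if a TCP connect succeeds, i.e. the port is not blocked from here."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def report(inventory):
    return {host: classify(build) for host, build in inventory.items()}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Run `port_open` from a network segment that should not reach the backup server; a `True` result there means the firewall mitigation is not in effect.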

Veeam Backup & Replication is a crucial tool for many organizations and the patch should be installed as soon as possible to prevent exploitation of the vulnerability. Organizations should regularly update their backup solutions and remain vigilant against new threats and vulnerabilities.

Key points:
• Veeam announced a patch for a vulnerability in its Backup & Replication solution
• The vulnerability, CVE-2023-27532, could lead to the exposure of credentials
• The patch is included in versions 12 and 11a of the software
• The vulnerability is relatively easy to exploit and could provide attackers with access to the backup infrastructure
• Users need to install the patch or block access to TCP port 9401 in the firewall
