Sophos warns of ransomware operators exploiting a critical code execution vulnerability in Veeam Backup & Replication.
October 11 2024 By Ionut Arghire
Ransomware operators are exploiting a critical-severity vulnerability in Veeam Backup & Replication to create rogue accounts and deploy malware, Sophos warns.
The issue, tracked as CVE-2024-40711 (CVSS score of 9.8), can be exploited remotely, without authentication, for arbitrary code execution, and was patched in early September with the release of Veeam Backup & Replication version 12.2 (build 12.2.0.334).
While neither Veeam, nor Code White, which was credited with reporting the bug, have shared technical details, attack surface management firm WatchTowr performed an in-depth analysis of the patches to better understand the vulnerability.
