MY BRAND BOOK Attackers exploited Veeam Backup and Replication Vulnerabilities

Attackers exploited Veeam Backup and Replication Vulnerabilities

By MYBRANDBOOK

The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities (KEV) Catalog. It has cited evidence of active exploitation in the wild. The critical flaws tracked as CVE-2022-26500 and CVE-2022-26501, are both rated 9.8 on the CVSS scoring system, and could be leveraged to gain control of a target system. The flaws have been patched now.

In an advisory published in March 2022Veeam noted, "The Veeam Distribution Service (TCP 9380 by default) allows unauthenticated users to access internal API functions. A remote attacker may send input to the internal API which may lead to uploading and executing of malicious code."

Both the issues that impact product versions 9.5, 10, and 11 have been addressed in versions 10a and 11a. Users of Veeam Backup & Replication 9.5 are advised to upgrade to a supported version.

Nikita Petrov, a security researcher at Russian cybersecurity firm Positive Technologies, has been credited with discovering and reporting the weaknesses. Some of the possible consequences of successful exploitation are infection with ransomware, data theft, and denial-of-service, making it imperative that users apply the updates.

Petrov said on March 16, 2022, "We believe that these vulnerabilities will be exploited in real attacks and will put many organizations at significant risk. That is why it is important to install updates as soon as possible or at least take measures to detect abnormal activity associated with these products."

Details on the attacks exploiting these vulnerabilities are unknown as yet, but cybersecurity company CloudSEK disclosed in October that it observed multiple threat actors advertising a "fully weaponized tool for remote code execution" that abuse the two flaws.

BREAKING NEWS

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

TECHNO TRENDS

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

E-Magazine

TECHNOTAINMENT

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b

MOVERS & SHAKERS

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this

OPEN YOUR EYES

The demand for touch-less services are on huge demand

Business continuity is the most valuable asset for financial institutions

The disruption in the technology demands to ensure business continuity

600% increase in malicious emails during Covid-19 crisis

Opportunities For Technological Disruption In Times Of Crisis

INTERVIEWS

Autodesk continually pushing the boundaries in the Design and

Cisco building a trusted and resilient future for the nation

Security is foundational to everything Cisco does and customers insist on e

Alpha Max offers high end solutions in the network space to en

The vision at Alpha Max is to attain quality as the trademark and create a

HOT PICK

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr

MAKE IN INDIA BRANDS

TALLY SOLUTIONS PVT. LTD.

GLOBUS INFOCOM LTD.

TVS ELECTRONICS LTD.

BEETEL TELETECH LTD.

EMINENT CIO'S OF INDIA

AI AND DATA ANALYTICS REVOLUTIONIZING HEALTHCARE SERVICES

...

PRIORITIZING APPROPRIATE DATA MANAGEMENT AND ETHICAL AI IS THE NEED OF THE HOUR

For us, cultivating customer trust amidst for that...

USING AI & BI OFFERINGS TO ADDRESS CLIENT NEEDS

In the fiscal year 2024-25, Assisto Technologies h...

ICONS OF INDIA

ICONS OF INDIA : SRIDHAR VEMBU

Sridhar Vembu is the chief executive officer (CEO) of Zoho Corporation...

Icons Of India : Dr. Arvind Gupta

Arvind Gupta is the Head and Co-Founder of the Digital India Foundatio...

Icons Of India : RAJENDRA SINGH PAWAR

Rajendra Singh Pawar is the Executive Chairman and Co-Founder of NIIT ...

PARTNER SPEAKERS

Investing in Innovation and Maintaining High Service Standards To Fortify its Brand Position

The rise of digital technology and cloud computing is a huge growth driver for...

Innovation, Technology and Partnerships Continue To Be The Cornerstone Of Growth

IT distribution is undergoing a significant transformation. As technology evol...

"Tech Data's Solution-Centric Methodology and Consistent Communication: Enhancing Customer Experience Across All Touchpoints"

Tech Data’s unique value proposition is its solutions aggregation and orches...

PSU

DRDO - Defence Research and Development Organisation

DRDO responsible for the development of technology for use by the mili...

HPCL - Hindustan Petroleum Corporation Ltd.

HPCL is an integrated oil and gas company involved in refining, market...

ECIL - Electronics Corporation of India Limited

ECIL is distinguished by its diverse technological capabilities and it...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024: IBM CORPORATION

IBM’s strength lies in its ability to consistently innovate and adapt to the...

Most Trusted Brands 2024: Apple India Pvt. Ltd.

five decades after its founding, Apple has redefined modern computing, emphasi...

Most Trusted Brands 2024 : Adobe Inc.

Adobe Creative Cloud is a comprehensive suite of desktop and mobile apps for d...

Global Indian industry

Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design

Anirudh Devgan, the Global President and CEO of Cadence Design Systems...

Indian Tech Talent Excelling The Tech World - Dheeraj Pandey, CEO, DevRev

Dheeraj Pandey, Co-founder and CEO at DevRev , has a remarkable journe...

Indian Tech Talent Excelling The Tech World - Vinod Dham, Founder & Executive Managing Partner, IndoUS Venture Partners

Vinod Dham, known as the “Father of the Pentium Chip,” has left an...

STARNITE AWARDS 2024

ITFORUM 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY