Veeam Backup & Replication admins, get patching! (CVE-2023-27532)

Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the fix as soon as possible. About CVE-2023-27532 The nature of CVE-2023-27532 has not been explained – Veeam only says that “the vulnerable process, Veeam.Backup.Service.exe (TCP 9401 by default), allows an unauthenticated user to request encrypted credentials.” Obtaining encrypted credentials might ultimately allow attackers to gain access to the backup infrastructure hosts, the company noted.

Read full article on Help Net Security

 


Date:

Categorie(s):