CVE-2024-40711 | Armis Vulnerability Intelligence Database

Description Preview

CVE-2024-40711 is a critical vulnerability affecting Veeam Backup and Recovery version 12.1.2 and earlier. The vulnerability arises from the deserialization of untrusted data, which can be exploited by an attacker to execute arbitrary code remotely without authentication. This vulnerability has a CVSS score of 9.8, indicating a critical severity level. The potential impact includes complete system compromise, making it imperative for users to address this vulnerability promptly.

Overview

CVE ID: CVE-2024-40711
Vendor: Veeam
Product: Backup and Recovery
Affected Versions: Version 12.1.2 and earlier
Vulnerability Type: Deserialization of Untrusted Data (CWE-502)
CVSS Score: 9.8 (Critical)
Attack Vector: Network (AV:N)
Authentication Required: None (PR:N)
Impact on Confidentiality, Integrity, and Availability: High (C:H, I:H, A:H)

Remediation

Users of Veeam Backup and Recovery are advised to upgrade to the latest version that addresses this vulnerability. It is crucial to monitor for updates from Veeam and apply patches as they become available. Additionally, organizations should review their security policies and practices regarding the handling of untrusted data to mitigate the risk of exploitation.

References

Veeam Knowledge Base Article: Veeam KB4649
Watchtowr Labs Analysis: Veeam Backup Response RCE
CISA Known Exploited Vulnerabilities Catalog: CISA KEV

Early Warning

Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers. Click here to learn how to receive alerts earlier.

Armis Alert Date: Sep 7, 2024
CISA KEV Date: Oct 17, 2024

40days early

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Manufacturing: Medium
Manufacturing
Public Administration: Low
Public Administration
Health Care & Social Assistance: Low
Health Care & Social Assistance
Professional, Scientific, & Technical Services: Low
Professional, Scientific, & Technical Services
Arts, Entertainment & Recreation: Low
Arts, Entertainment & Recreation
Educational Services: Low
Educational Services
Transportation & Warehousing: Low
Transportation & Warehousing
Management of Companies & Enterprises: Low
Management of Companies & Enterprises
Other Services (except Public Administration): Low
Other Services (except Public Administration)
Agriculture, Forestry Fishing & Hunting: Low
Agriculture, Forestry Fishing & Hunting
Finance and Insurance: Low
Finance and Insurance
Retail Trade: Low
Retail Trade
Accommodation & Food Services: Low
Accommodation & Food Services
Administrative, Support, Waste Management & Remediation Services: Low
Administrative, Support, Waste Management & Remediation Services
Construction: Low
Construction
Information: Low
Information
Mining: Low
Mining
Real Estate Rental & Leasing: Low
Real Estate Rental & Leasing
Utilities: Low
Utilities
Wholesale Trade: Low
Wholesale Trade

^{CVE-2024-40711:}A deserialization of untrusted data vulnerability in Veeam Backup and Recovery allows for unauthenticated remote code execution (RCE) through a malicious payload.