Security News > 2023 > April > CISA orders agencies to patch Backup Exec bugs used by ransomware gang

On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five entries to its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec and exploited to deploy ransomware.
Of the five vulnerabilities that CISA added to the catalog of Known Exploited Vulnerabilities today, only one was rated critical, an issue in Veritas' data protection software tracked as CVE-2021-27877 that allows remote access and command execution with elevated privileges.
It is worth noting that Veritas patched all three vulnerabilities in March 2021 and that thousands of Backup Exec instances are currently reachable over the public web.
In a previous KEV update at the end of March, CISA included in the catalog the other vulnerabilities leveraged in the exploit chain, some of which were zero-days at the time of the attack.
Federal agencies in the U.S. have until April 28 to check if their systems are impacted by the newly added vulnerabilities and to apply the necessary updates.
As part of the binding operational directive from November 2021, Federal Civilian Executive Branch agencies have to check their networks for, and fix, all bugs included in the KEV catalog, which currently has 911 entries.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-01 | CVE-2021-27877 | Unspecified vulnerability in Veritas Backup Exec: An issue was discovered in Veritas Backup Exec before 21.2. | 9.8 |