CISA orders agencies to patch Backup Exec bugs used by ransomware gang (Security News, April 2023)
On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security issues that threat actors have used in attacks to its Known Exploited Vulnerabilities (KEV) catalog, three of them in Veritas Backup Exec and exploited to deploy ransomware.
Of the five vulnerabilities CISA added to the KEV catalog today, only one is rated critical: an issue in Veritas' data protection software tracked as CVE-2021-27877 that allows remote access and command execution with elevated privileges.
It is worth noting that Veritas patched all three Backup Exec vulnerabilities in March 2021, and that thousands of Backup Exec instances are still exposed on the public internet.
In a previous KEV update at the end of March, CISA had already added the other vulnerabilities leveraged in the same exploit chain, some of which were zero-days at the time of the attack.
U.S. federal agencies have until April 28 to determine whether their systems are affected by the newly added vulnerabilities and to apply the necessary updates.
Under the binding operational directive issued in November 2021 (BOD 22-01), Federal Civilian Executive Branch agencies must check their networks for, and remediate, every bug included in the KEV catalog, which currently has 911 entries.
Related news
- Five backup lessons learned from the UnitedHealth ransomware attack
- CISA says BianLian ransomware now focuses only on data theft
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
- CISA confirms critical Cleo bug exploitation in ransomware attacks
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK (CVSS score)
---|---|---|---
2021-03-01 | CVE-2021-27877 | Improper Authentication vulnerability in Veritas Backup Exec. An issue was discovered in Veritas Backup Exec before 21.2. | 9.8