Security News > 2024 > September > Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
2024-09-15 08:00
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, … More → The post Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days appeared first on Help Net Security.
News URL
Related news
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)
- Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged (source)
- Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-07 | CVE-2024-40711 | Deserialization of Untrusted Data vulnerability in Veeam Backup & Replication 12.0.0.1420 A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). | 9.8 |