Security News > 2024 > December > Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
2024-12-04 05:34
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing. "From the VSPC management agent machine, under
News URL
https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html
Related news
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)