Security News > 2025 > March > NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)
2025-03-21 11:31
A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities catalog on Wednesday, but it’s yet unknown whether the flaw is being leveraged by ransomware attackers, who often try to delete existing backups to make it more … More → The post NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) appeared first on Help Net Security.
News URL
Related news
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- CVE fallout: The splintering of the standard vulnerability tracking system has begun (source)
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610) (source)
- How to Automate CVE and Vulnerability Advisory Response with Tines (source)
- Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) (source)
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2024-48248 | Unspecified vulnerability in Nakivo Backup & Replication Director 9.4.0.R43656 NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials). | 8.6 |