Veeam · Veeam Agent For Microsoft Windows · CVE-2024-45207
**Name of the Vulnerable Software and Affected Versions**
Veeam Agent for Microsoft Windows (affected versions not specified)
**Description**
The issue is related to the use of an insecure path search in Veeam Agent for Microsoft Windows, which can lead to DLL injection. If the system's `PATH` variable includes insecure locations, the agent may search these directories for necessary DLLs. An attacker can place a malicious DLL in one of these directories, allowing the Veeam Agent to load it inadvertently and execute harmful code. This could result in unauthorized access, data theft, or disruption of services.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.