PT-2024-5903 · Veeam · Veeam Backup & Replication +1

Florian Hauser · Published 2024-09-04 · Updated 2026-02-22 · CVE-2024-40711

CVSS v3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication versions prior to 12.2.0.334
Description: Veeam Backup & Replication is affected by a critical deserialization-of-untrusted-data vulnerability that allows unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2024-40711, has a CVSS score of 9.8 and is related to .NET Remoting; it lets attackers execute arbitrary code without authentication. It is actively exploited by ransomware groups, including Akira and Fog, who use it to gain full control of systems and deploy ransomware; in observed attacks the attackers established a local administrator account before deploying the ransomware. A proof-of-concept exploit is publicly available, increasing the risk of widespread exploitation. The vulnerability has been added to CISA's Known Exploited Vulnerabilities Catalog.
Recommendations: Update Veeam Backup & Replication to version 12.2.0.334 or later.

Exploit · Fix · RCE

Weakness Enumeration: Improper Privilege Management · Deserialization of Untrusted Data · Improper Access Control

Related Identifiers: BDU:2024-06706 · CVE-2024-40711 · VEEAMBAR_CVE2024_40711

Affected Products: Veeam Backup & Replication · Veeam One