PT-2021-11947 · Veritas · Veritas Backup Exec

Published

2021-01-06

·

Updated

2021-01-14

·

CVE-2020-36167

CVSS v3.1

9.3

Critical

Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
    Veritas Backup Exec versions prior to 16.2
    Veritas Backup Exec version 20.6 before hotfix 298543
    Veritas Backup Exec version 21.1 before hotfix 657517
Description: On start-up the Backup Exec server loads the OpenSSL library shipped in its install path, and that library in turn tries to read its configuration from /usr/local/ssl/openssl.cnf. On Windows this Unix-style path resolves to <drive>:\usr\local\ssl\openssl.cnf on the system drive or on the drive Backup Exec is installed on, and by default any user may create directories directly under a drive root. A low-privileged local user can therefore plant an openssl.cnf that tells OpenSSL to load an attacker-supplied engine library, which is executed as SYSTEM the next time the service starts. This gives the attacker administrative control of the host and access to all data and installed applications; if the host is an Active Directory domain controller, the entire domain is affected.
Recommendations: For Veritas Backup Exec versions prior to 16.2, update to a version that includes the security fixes. For Veritas Backup Exec version 20.6, apply hotfix 298543. For Veritas Backup Exec version 21.1, apply hotfix 657517. As a temporary workaround until the hotfix is applied, pre-create the \usr\local\ssl\openssl.cnf path (on the system drive and on the Backup Exec install drive) as an administrator and restrict its ACL so that standard users cannot create, replace or modify the directory or the file; an openssl.cnf that already exists at that path and carries engine-loading directives should be treated as evidence of an attempt to exploit this issue.
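The following PowerShell script is an added example written for this page; it is not code from the advisory or from Veritas. It audits the <drive>:\usr\local\ssl\openssl.cnf location the description refers to and, with -Harden, applies the workaround by creating the path in advance with an administrator-only ACL. It assumes it is run elevated, that the drives worth checking are the system drive plus the drive the Backup Exec service binary runs from, and that the Backup Exec Windows service names begin with "BackupExec" (that prefix is an assumption; adjust the filter to your installation).

```powershell
# Added example (not from the advisory or Veritas): audit and pre-empt the
# <drive>:\usr\local\ssl\openssl.cnf path that Backup Exec's OpenSSL reads.
# Assumptions: run elevated; checks the system drive and the drive the
# Backup Exec service runs from; service names are assumed to start with
# "BackupExec" (adjust the -Filter if yours differ).
param(
    [switch]$Harden   # create the path with a SYSTEM/Administrators-only ACL
)

# Drives worth checking: the system drive and the drive Backup Exec runs from.
$drives = @($env:SystemDrive)
$svc = Get-CimInstance Win32_Service -Filter "Name LIKE 'BackupExec%'" -ErrorAction SilentlyContinue |
       Select-Object -First 1
if ($svc -and $svc.PathName -match '^"?([A-Za-z]:)') { $drives += $Matches[1] }
$drives = $drives | Sort-Object -Unique

foreach ($d in $drives) {
    $cnf = Join-Path $d 'usr\local\ssl\openssl.cnf'
    # Every directory in the chain gets the restrictive ACL, so a standard
    # user cannot rename or replace an ancestor to redirect the lookup.
    $chain = @((Join-Path $d 'usr'), (Join-Path $d 'usr\local'), (Join-Path $d 'usr\local\ssl'))

    if (Test-Path $cnf) {
        Write-Host "[!] $cnf exists"
        # A pre-created placeholder should be empty; engine-loading directives
        # are exactly what the advisory describes an attacker planting.
        $text = Get-Content $cnf -Raw -ErrorAction SilentlyContinue
        if ($text -match '(?im)^\s*(dynamic_path|engine_id|engines)\s*=') {
            Write-Warning "$cnf contains OpenSSL engine-loading directives; treat as a possible compromise"
        }
        $owner = (Get-Acl $cnf).Owner
        Write-Host "    owner: $owner"
        if ($owner -notmatch 'BUILTIN\\Administrators|NT AUTHORITY\\SYSTEM|TrustedInstaller') {
            Write-Warning "$cnf is owned by $owner, not an administrative principal"
        }
    }
    elseif ($Harden) {
        # Workaround: create the path first with an ACL only SYSTEM and
        # Administrators can change, so a standard user cannot plant the file.
        New-Item -ItemType Directory -Path $chain[-1] -Force | Out-Null
        New-Item -ItemType File -Path $cnf -Force | Out-Null

        foreach ($p in ($chain + $cnf)) {
            $isDir = Test-Path $p -PathType Container
            $acl = Get-Acl $p
            $acl.SetAccessRuleProtection($true, $false)   # stop inheriting the drive-root ACL
            foreach ($r in @($acl.Access)) { $null = $acl.RemoveAccessRule($r) }
            $inh = if ($isDir) { 'ContainerInherit,ObjectInherit' } else { 'None' }
            foreach ($principal in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
                $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
                    $principal, 'FullControl', $inh, 'None', 'Allow')))
            }
            # Read-only for everyone else: the service can still open the
            # (empty) file, but nobody below Administrators can rewrite it.
            $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
                'BUILTIN\Users', 'ReadAndExecute', $inh, 'None', 'Allow')))
            Set-Acl -Path $p -AclObject $acl
        }
        Write-Host "[+] pre-created $cnf with an administrator-only ACL"
    }
    else {
        Write-Host "[-] $cnf absent: a standard user could create it (run with -Harden)"
    }
}
```

Run it without switches from an elevated prompt to see whether the file exists and who owns it; run it with -Harden to apply the workaround. The workaround only prevents a standard user from planting the file in the future; it does not help if a malicious openssl.cnf is already present, and it does not replace the hotfix, which removes the dependency on that path altogether.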

Fix

Unrestricted File Upload


Weakness Enumeration

Related Identifiers

CVE-2020-36167

Affected Products

Veritas Backup Exec