CVE-2022-41320

Name of the Vulnerable Software and Affected Versions Veritas System Recovery (VSR) versions 18 and 21

Description The issue allows a Windows user with sufficient privileges to access a network file system they were not authorized to access. This is due to the storage of a network destination password in the Windows registry during the configuration of the backup configuration.

Recommendations For versions 18 and 21, consider restricting access to the Windows registry to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the privileges of Windows users to prevent unauthorized access to network file systems.