CVE-2024-42452

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication (affected versions not specified)

Description A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.