CVE-2024-40710

Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication (affected versions not specified)

Description A series of related high-severity vulnerabilities in Veeam Backup & Replication enables remote code execution (RCE) as the service account and extraction of sensitive information, including saved credentials and passwords. Exploiting these vulnerabilities requires a user who has been assigned a low-privileged role within the system. The issue is related to insufficient protection of registration data, allowing a remote attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.