
Latest news with #CVE-2024-45206

Positive Technologies helps fix a vulnerability in Veeam Service Provider Console - Middle East Business News and Information

Mid East Info

25-03-2025

  • Business
  • Mid East Info

The server-side request forgery (SSRF) vulnerability could be used for attacks on internal corporate networks.

Backup solutions vendor Veeam Software eliminated a vulnerability in Veeam Service Provider Console, a management platform used by backup and disaster recovery service providers. The security flaw CVE-2024-45206 (BDU:2024-1170) was discovered by PT SWARM expert Nikita Petrov. The vendor was notified of the threat in line with the responsible disclosure policy and has already released a software patch. The SSRF vulnerability, rated 6.5 on the CVSS 3.0 scale, affected versions 7.x through 8.0.x. When exploited, this vulnerability could hypothetically expose companies to attacks on internal networks, since it allowed an attacker to send arbitrary HTTP requests to external or internal resources on behalf of the server. To address the vulnerability, users should promptly update to Veeam Service Provider Console version 8.1.0.21377 or later.

According to the vendor, Veeam solutions are used by more than 550,000 customers from different countries, including 74% of Forbes Global 2000 companies. According to publicly available search engines, the list of the most active users of Veeam products is headed by the United States, Germany, and France, while UAE ranks 32nd. Veeam has the largest market share among global data replication and protection software vendors and has been named a leader in Gartner's Magic Quadrant for Enterprise Backup and Recovery Software Solutions report for eight years in a row.

Veeam Service Provider Console could potentially be attacked directly from the web. As of January 2025, open-source data indicated that there were 2587 vulnerable systems worldwide. The majority of installations are in the United States (26%), Türkiye (20%), Germany and Great Britain (6% each), Canada and France (5% each).

'Before the patch was released, the vulnerability primarily posed a risk to large enterprise segment companies—the main users of Veeam Service Provider Console,' said Nikita Petrov, a Senior Penetration Testing Specialist in the Security Analysis Department, Positive Technologies. 'Attackers could initiate a request from the server to a resource that is not accessible from the outside and gain the ability to interact with it. This would allow them to obtain information about the victim's network infrastructure and thus simplify the implementation and subsequent development of attacks. For example, one possible consequence of the penetration could be the exploitation of vulnerabilities present in internal systems.'

This is not the first vulnerability in Veeam Software products that Positive Technologies experts have helped to fix. In 2022, Nikita Petrov discovered two security flaws at once in Veeam Backup & Replication, a popular backup system for automating backup and disaster recovery. Another flaw was discovered in Veeam Agent for Microsoft Windows, a Windows data backup software.

To block attempts to exploit SSRF vulnerabilities, Positive Technologies recommends using advanced security solutions, including web application firewalls like PT Application Firewall (also available in the cloud version: PT Cloud Application Firewall). A firewall allows you to protect applications without making changes to them when a company is unable to install a patch released by the vendor. To detect vulnerabilities of this type during software development, you should use a static code analyzer like PT Application Inspector. In addition, NTA solutions, such as PT Network Attack Discovery (PT NAD), and network traffic analysis tools, like PT NGFW, will help you promptly detect attempts to exploit vulnerabilities within your company's network perimeter. NGFWs go beyond merely detecting exploitation attempts—they prevent them by using an IPS module.

Positive Technologies Fixes Veeam Service Provider Console Vulnerability

Channel Post MEA

25-03-2025

  • Business
  • Channel Post MEA

Backup solutions vendor Veeam Software eliminated a vulnerability in Veeam Service Provider Console, a management platform used by backup and disaster recovery service providers. The security flaw CVE-2024-45206 (BDU:2024-1170) was discovered by PT SWARM expert Nikita Petrov. The vendor was notified of the threat in line with the responsible disclosure policy and has already released a software patch. The SSRF vulnerability, rated 6.5 on the CVSS 3.0 scale, affected versions 7.x through 8.0.x. When exploited, this vulnerability could hypothetically expose companies to attacks on internal networks, since it allowed an attacker to send arbitrary HTTP requests to external or internal resources on behalf of the server. To address the vulnerability, users should promptly update to Veeam Service Provider Console version 8.1.0.21377 or later.

According to the vendor, Veeam solutions are used by more than 550,000 customers from different countries, including 74% of Forbes Global 2000 companies. According to publicly available search engines, the list of the most active users of Veeam products is headed by the United States, Germany, and France, while UAE ranks 32nd. Veeam has the largest market share among global data replication and protection software vendors and has been named a leader in Gartner's Magic Quadrant for Enterprise Backup and Recovery Software Solutions report for eight years in a row.

Veeam Service Provider Console could potentially be attacked directly from the web. As of January 2025, open-source data indicated that there were 2587 vulnerable systems worldwide. The majority of installations are in the United States (26%), Türkiye (20%), Germany and Great Britain (6% each), Canada and France (5% each).

'Before the patch was released, the vulnerability primarily posed a risk to large enterprise segment companies—the main users of Veeam Service Provider Console,' said Nikita Petrov, a Senior Penetration Testing Specialist in the Security Analysis Department, Positive Technologies. 'Attackers could initiate a request from the server to a resource that is not accessible from the outside and gain the ability to interact with it. This would allow them to obtain information about the victim's network infrastructure and thus simplify the implementation and subsequent development of attacks. For example, one possible consequence of the penetration could be the exploitation of vulnerabilities present in internal systems.'

This is not the first vulnerability in Veeam Software products that Positive Technologies experts have helped to fix. In 2022, Nikita Petrov discovered two security flaws at once in Veeam Backup & Replication, a popular backup system for automating backup and disaster recovery. Another flaw was discovered in Veeam Agent for Microsoft Windows, a Windows data backup software.

To block attempts to exploit SSRF vulnerabilities, Positive Technologies recommends using advanced security solutions, including web application firewalls like PT Application Firewall (also available in the cloud version: PT Cloud Application Firewall). A firewall allows you to protect applications without making changes to them when a company is unable to install a patch released by the vendor. To detect vulnerabilities of this type during software development, you should use a static code analyzer like PT Application Inspector. In addition, NTA solutions, such as PT Network Attack Discovery (PT NAD), and network traffic analysis tools, like PT NGFW, will help you promptly detect attempts to exploit vulnerabilities within your company's network perimeter. NGFWs go beyond merely detecting exploitation attempts—they prevent them by using an IPS module.

Positive Technologies helps fix a vulnerability in Veeam Service Provider Console

Zawya

25-03-2025

  • Business
  • Zawya

Backup solutions vendor Veeam Software eliminated a vulnerability in Veeam Service Provider Console, a management platform used by backup and disaster recovery service providers. The security flaw CVE-2024-45206 (BDU:2024-1170) was discovered by PT SWARM expert Nikita Petrov. The vendor was notified of the threat in line with the responsible disclosure policy and has already released a software patch. The SSRF vulnerability, rated 6.5 on the CVSS 3.0 scale, affected versions 7.x through 8.0.x. When exploited, this vulnerability could hypothetically expose companies to attacks on internal networks, since it allowed an attacker to send arbitrary HTTP requests to external or internal resources on behalf of the server. To address the vulnerability, users should promptly update to Veeam Service Provider Console version 8.1.0.21377 or later.

According to the vendor, Veeam solutions are used by more than 550,000 customers from different countries, including 74% of Forbes Global 2000 companies. According to publicly available search engines, the list of the most active users of Veeam products is headed by the United States, Germany, and France, while UAE ranks 32nd. Veeam has the largest market share among global data replication and protection software vendors and has been named a leader in Gartner's Magic Quadrant for Enterprise Backup and Recovery Software Solutions [1] report for eight years in a row.

Veeam Service Provider Console could potentially be attacked directly from the web. As of January 2025, open-source data indicated that there were 2587 vulnerable systems worldwide. The majority of installations are in the United States (26%), Türkiye (20%), Germany and Great Britain (6% each), Canada and France (5% each).

"Before the patch was released, the vulnerability primarily posed a risk to large enterprise segment companies—the main users of Veeam Service Provider Console," said Nikita Petrov, a Senior Penetration Testing Specialist in the Security Analysis Department, Positive Technologies. "Attackers could initiate a request from the server to a resource that is not accessible from the outside and gain the ability to interact with it. This would allow them to obtain information about the victim's network infrastructure and thus simplify the implementation and subsequent development of attacks. For example, one possible consequence of the penetration could be the exploitation of vulnerabilities present in internal systems."

This is not the first vulnerability in Veeam Software products that Positive Technologies experts have helped to fix. In 2022, Nikita Petrov discovered two security flaws at once in Veeam Backup & Replication, a popular backup system for automating backup and disaster recovery. Another flaw was discovered in Veeam Agent for Microsoft Windows, a Windows data backup software.

To block attempts to exploit SSRF vulnerabilities, Positive Technologies recommends using advanced security solutions, including web application firewalls like PT Application Firewall (also available in the cloud version: PT Cloud Application Firewall). A firewall allows you to protect applications without making changes to them when a company is unable to install a patch released by the vendor. To detect vulnerabilities of this type during software development, you should use a static code analyzer like PT Application Inspector. In addition, NTA solutions, such as PT Network Attack Discovery (PT NAD), and network traffic analysis tools, like PT NGFW, will help you promptly detect attempts to exploit vulnerabilities within your company's network perimeter. NGFWs go beyond merely detecting exploitation attempts—they prevent them by using an IPS module.

Positive Technologies is an industry leader in results-oriented cybersecurity and a major global provider of information security solutions. Our mission is to safeguard businesses and entire industries against cyberattacks and non-tolerable damage. Over 4,000 organizations worldwide use technologies and services developed by our company. Positive Technologies is the first and only cybersecurity company in Russia to have gone public on the Moscow Exchange (MOEX: POSI), with 205,000 shareholders and counting.

Veeam Patches Critical Vulnerability in Service Provider Console

TECHx

25-03-2025

  • TECHx

News Desk

Veeam Software has patched a critical security flaw in its Veeam Service Provider Console, a platform used by backup and disaster recovery service providers. The vulnerability, identified as CVE-2024-45206 (BDU:2024-1170), was discovered by Nikita Petrov, a Senior Penetration Testing Specialist at Positive Technologies' PT SWARM team. Following responsible disclosure, Veeam quickly released a security patch to address the issue.

What Is the Vulnerability?

The flaw is an SSRF (Server-Side Request Forgery) vulnerability, rated 6.5 on the CVSS 3.0 scale. It affected Veeam Service Provider Console versions 7.x through 8.0.x. If exploited, attackers could send arbitrary HTTP requests on behalf of the server. This could allow access to internal networks, exposing sensitive resources.

Who Is at Risk?

According to open-source data, as of January 2025, 2,587 systems worldwide remain vulnerable. The countries with the most exposed systems include:

  • United States (26%)
  • Türkiye (20%)
  • Germany & Great Britain (6% each)
  • Canada & France (5% each)

The flaw mainly affects large enterprises, which are the primary users of Veeam Service Provider Console.

Why Is This a Serious Threat?

Nikita Petrov explained that attackers could use this vulnerability to interact with internal systems. This could reveal network infrastructure details and lead to further attacks. In 2022, Positive Technologies also discovered security flaws in Veeam Backup & Replication and Veeam Agent for Microsoft Windows.

What Should Users Do?

To protect against exploitation, Veeam recommends updating to version 8.1.0.21377 or later. Prompt action is essential to safeguard systems. Positive Technologies also suggests using advanced security tools like:

  • Web Application Firewalls (WAF) – Such as PT Application Firewall, available both on-premises and in the cloud.
  • Static Code Analysis – Tools like PT Application Inspector to detect vulnerabilities during development.
  • Network Traffic Analysis (NTA) – Solutions like PT Network Attack Discovery (PT NAD) and PT NGFW with IPS modules to detect and block attacks.

Why This Matters

Veeam Software supports over 550,000 customers worldwide, including 74% of Forbes Global 2000 companies. The United States, Germany, and France lead in usage, while the UAE ranks 32nd. Veeam also holds the largest market share in data replication and protection. For eight consecutive years, it has been recognized in Gartner's Magic Quadrant for Enterprise Backup and Recovery Software Solutions.

Take Action Now

Organizations using Veeam Service Provider Console should update their software immediately. Implementing additional security measures is also crucial to prevent future threats.
