Critical Veeam Cve Targeted By New Ransomware Variant

The latest and trending news from around the world.

Critical Veeam CVE targeted by new ransomware variant
Critical Veeam CVE targeted by new ransomware variant from

Critical Veeam CVE Targeted by New Ransomware Variant

Latest Ransomware Variant Exploits Critical Veeam CVE

A critical vulnerability in Veeam Backup & Replication software, tracked as CVE-2023-22012, has been actively exploited by a new ransomware variant. This new ransomware strain, known as "Pandora," encrypts files on vulnerable systems and demands a ransom payment for their release.

Affected Veeam Versions and Vendors

The vulnerability affects Veeam Backup & Replication versions 11a and 12, and is present in both physical and virtual appliance deployments. VMware vSphere, Microsoft Hyper-V, and Nutanix AHV hypervisors are all affected by this vulnerability.

Technical Details

The vulnerability is described as a "heap buffer overflow" issue that could allow an unauthenticated attacker to remotely execute arbitrary code on the targeted system. This vulnerability has been assigned a CVSS score of 9.8, indicating its critical severity.

Exploitation Method

Mitigation

Veeam has released a security update (version 11a Update 4a) to address this vulnerability. All affected users are strongly advised to apply this update immediately. If immediate patching is not possible, Veeam provides a temporary workaround described in their security advisory.

Impact and Recommendation

This critical vulnerability poses a significant threat to organizations using Veeam Backup & Replication software. It is essential for all affected users to apply the security update or implement the temporary workaround immediately to prevent potential ransomware attacks.

Additionally, it is highly recommended to implement best security practices such as maintaining regular backups, implementing multi-factor authentication, and keeping software up to date to minimize the risk of cyber threats.