Unauthorized Access Vulnerability in Veritas Backup Exec
CVE-2021-27876
Key Information:
- Vendor
Veritas
- Status
- Vendor
- CVE Published:
- 1 March 2021
Badges
What is CVE-2021-27876?
A vulnerability has been identified in Veritas Backup Exec versions prior to 21.2 that compromises secure communication between clients and agents. This flaw arises from weaknesses in the SHA Authentication scheme, allowing an unauthorized attacker to bypass authentication. Once exploited, the attacker can issue data management protocol commands using an authenticated connection. This may enable access to arbitrary files on the system with system-level privileges, presenting significant risks to data security and system integrity.
CISA has reported CVE-2021-27876
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2021-27876 as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply updates per vendor instructions.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
13% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π‘
Public PoC available
- π°
Used in Ransomware
- πΎ
Exploit known to exist
- π¦
CISA Reported
Vulnerability published
Vulnerability Reserved