Veeam Service Provider Console (VSPC) Vulnerability: Remote Code Execution (RCE)
CVE-2024-29212
Summary
The Veeam Service Provider Console has a vulnerability, CVE-2024-29212, which allows for Remote Code Execution (RCE) due to an unsafe deserialization method. This vulnerability is rated as critical with a CVSS v3.1 Score of 9.9, and affects versions 4.0 to 8.0 of the Veeam Service Provider Console. The potential impact of this vulnerability is severe, and organizations are advised to patch their systems as soon as possible to prevent exploitation. There are no known exploits of this vulnerability in the wild, and it has not been linked to any ransomware groups.
Affected Version(s)
Service Provider Console 8
Service Provider Console 7
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
Veeam Service Provider Console Vulnerability ( CVE-2024-29212 ) | Veeam Community Resource Hub
To kick off the group here is the first post that VCSPs should know about as it relates to VSPC and a CVE. You can find details here -Veeam has announc...
9 months ago
Veeam Service Provider Console Vulnerability ( CVE-2024-29212 ) | Veeam Community Resource Hub
To kick off the group here is the first post that VCSPs should know about as it relates to VSPC and a CVE. You can find details here -Veeam has announc...
9 months ago
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam fixes RCE flaw in backup management platform
9 months ago
References
CVSS V3.1
Timeline
Vulnerability published
- 📰
First article discovered by Veeam Community
Vulnerability Reserved