Low-Privileged User Can Elevate Privileges and Compromise Server
CVE-2024-42452

8.8HIGH

Key Information:

Vendor: Veeam
Status: Veeam Backup \& Replication
Vendor: CVE Published:; 4 December 2024

What is CVE-2024-42452?

A vulnerability exists in Veeam Backup & Replication that enables low-privileged users to remotely initiate agents in server mode and gain system-level access. This exploitation leads to the potential for an attacker to upload files to the server with elevated privileges. The root cause lies in inadequate permission checks during remote calls, which can result in comprehensive system compromise and unauthorized access to sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.veeam.com/kb4693

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 4, 2024

JSON

Veeam

What is CVE-2024-42452?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.