ReportizFlow
Filtered by vendor Veeam
Subscriptions
Filtered by product Agent
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45207 | 1 Veeam | 1 Agent | 2024-12-04 | N/A |
| DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services | ||||
| CVE-2024-42452 | 1 Veeam | 1 Agent | 2024-12-04 | N/A |
| A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise. | ||||
| CVE-2024-29853 | 1 Veeam | 1 Agent | 2024-12-04 | N/A |
| An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local privilege escalation. | ||||
| CVE-2024-40709 | 1 Veeam | 1 Agent | 2024-12-04 | N/A |
| A missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level. | ||||
Page 1 of 1.