NHS England has posted an alert regarding a critical Veeam Backup & Replication vulnerability which is now under active exploitation by ransomware groups.
Successful exploitation of the vulnerability (CVE-2024-40711) could result in remote code execution (RCE), the alert noted. RCE could allow attackers to run code on a remote machine without the need for physical access.
Threat severity has been rated high, with a CVSS score of 9.8.
These groups are reportedly exploiting CVE-2024-40711 as a second stage exploit to create new local administrator accounts to facilitate further objectives on compromised networks.
Reports warn of exploitation attempts since shortly after official disclosure by Veeam.
Sophos X-Ops MDR and Incident Response has tracked a series of attacks in the past month which have leveraged compromised credentials and CVE-2024-40711 to create an account and deploy ransomware. The firm did not note the target of this attack.
In one case, attackers dropped Fog ransomware and another attack saw the attempted deployment of Akira ransomware, according to Sophos.
Veeam first issued a security bulletin relating to this and four high severity vulnerabilities on September 4, 2024.
The NHS notice highlighted that enterprise backup and disaster recovery applications are valuable targets for cyber threat groups.
Vulnerabilities in backup and disaster recovery applications are often exploited in the wild by ransomware groups shortly after official disclosure.
“NHS England National [Cybersecurity Operations Centre] assess exploitation of CVE-2024-40711 as highly likely to continue,” the advisory later stated.
The vulnerability affects Veeam Backup & Replication 12.1.2.172. Veeam noted that unsupported product versions are not tested but are likely affected and should be considered vulnerable.
Affected organizations have been advised to review the Veeam Security Bulletin from and update Veeam Backup & Replication to version 12.2 (or above) as a matter of urgency.
Veeam Backup & Replication is a data protection solution that offers backup and recovery for virtual, physical, network attached storage, and cloud-native environments.
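The reported post-exploitation step, creating a new local administrator account, leaves a trail in the Windows Security log on the backup server. The following is an added example, not code from the alert, Veeam or Sophos: it correlates account-creation events (4720) with additions to the built-in Administrators group (4732) over constructed sample records. The record layout, host and account names, and the 10-minute window are assumptions.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"     # well-known SID of BUILTIN\Administrators
WINDOW = timedelta(minutes=10)  # assumed correlation window, tune per site
# Constructed sample records (not taken from the article), shaped like exported
# Windows Security events: 4720 = user account created,
# 4732 = member added to a security-enabled local group.
SAMPLE_EVENTS = [
    {"id": 4720, "time": "2024-10-01T02:14:05", "host": "BACKUP01",
     "TargetSid": "S-1-5-21-1-2-3-1105", "TargetUserName": "svc_tmp",
     "SubjectUserName": "BACKUP01$"},
    {"id": 4732, "time": "2024-10-01T02:14:09", "host": "BACKUP01",
     "TargetSid": ADMINS_SID, "MemberSid": "S-1-5-21-1-2-3-1105",
     "SubjectUserName": "BACKUP01$"},
    # New account that is never promoted: not flagged.
    {"id": 4720, "time": "2024-10-01T09:00:00", "host": "BACKUP01",
     "TargetSid": "S-1-5-21-1-2-3-1106", "TargetUserName": "jdoe",
     "SubjectUserName": "helpdesk"},
    # Existing account promoted with no creation event in the data: not flagged.
    {"id": 4732, "time": "2024-10-01T09:30:00", "host": "BACKUP01",
     "TargetSid": ADMINS_SID, "MemberSid": "S-1-5-21-1-2-3-1001",
     "SubjectUserName": "helpdesk"},
    # New account added to Backup Operators (S-1-5-32-551): not flagged.
    {"id": 4732, "time": "2024-10-01T09:00:30", "host": "BACKUP01",
     "TargetSid": "S-1-5-32-551", "MemberSid": "S-1-5-21-1-2-3-1106",
     "SubjectUserName": "helpdesk"},
]

def find_new_local_admins(events, window=WINDOW):
    """Return accounts created and added to Administrators within `window`."""
    created = {}  # (host, account SID) -> (creation time, creation event)
    hits = []
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        if ev["id"] == 4720:
            created[(ev["host"], ev["TargetSid"])] = (when, ev)
        elif ev["id"] == 4732 and ev["TargetSid"] == ADMINS_SID:
            born = created.get((ev["host"], ev["MemberSid"]))
            if born and when - born[0] <= window:
                hits.append({"host": ev["host"],
                             "account": born[1]["TargetUserName"],
                             "sid": ev["MemberSid"],
                             "delay_seconds": int((when - born[0]).total_seconds()),
                             "added_by": ev["SubjectUserName"]})
    return hits

if __name__ == "__main__":
    for hit in find_new_local_admins(SAMPLE_EVENTS):
        print(hit)
```

Matching on the group SID rather than the group name keeps the check independent of the server's display language.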