Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
https://www.security.com/threat-intelligence/ransomhub-betruger-backdoor
https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html
https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/
https://therecord.media/veam-vulnerability-exploited-ransomware-cisa-kev
https://www.welivesecurity.com/en/eset-research/cosmicbeetle-steps-up-probation-period-ransomhub
https://thehackernews.com/2024/09/cosmicbeetle-deploys-custom-scransom.html
https://www.securityweek.com/year-old-veeam-vulnerability-exploited-in-fresh-ransomware-attacks/
https://blogs.blackberry.com/en/2024/07/akira-ransomware-targets-the-latam-airline-industry
https://www.group-ib.com/blog/estate-ransomware/
https://thehackernews.com/2024/07/new-ransomware-group-exploiting-veeam.html
https://news.sophos.com/en-us/2023/12/21/akira-again-the-ransomware-that-keeps-on-taking/
https://thehackernews.com/2023/12/behind-scenes-of-matveevs-ransomware.html
Published: 2023-03-10
Updated: 2025-03-13
Named Vulnerability: Veeam FlawKnown Exploited Vulnerability (KEV)
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
Severity: High
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: High
EPSS: 0.80329