Detections
Analytics

CVE-2024-40711

critical

Description

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

References

https://www.darkreading.com/threat-intelligence/akira-raas-nutanix-vms-critical-orgs

https://www.bleepingcomputer.com/news/security/cisa-warns-of-akira-ransomware-linux-encryptor-targeting-nutanix-vms/

https://www.theregister.com/2025/06/18/veeam_fixes_third_critical_rce/

https://www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/

https://securityaffairs.com/178969/malware/unusual-toolset-used-in-recent-fog-ransomware-attack.html

https://www.securityweek.com/fog-ransomware-attack-employs-unusual-tools/

https://www.security.com/threat-intelligence/fog-ransomware-attack

https://www.securityweek.com/veeam-patches-critical-vulnerability-in-backup-replication/

https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/

https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-bug-in-service-provider-console/

https://thehackernews.com/2024/11/cisa-alert-active-exploitation-of.html

https://securityaffairs.com/170717/malware/veeam-backup-replication-flaw-frag-ransomware.html

https://news.sophos.com/en-us/2024/11/08/veeam-exploit-seen-used-again-with-a-new-ransomware-frag/

https://thehackernews.com/2024/10/ransomware-gangs-use-lockbits-fame-to.html

https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/

https://therecord.media/veam-vulnerability-exploited-ransomware-cisa-kev

https://www.hipaajournal.com/exploitation-fortinet-veeam-backup-replication-vulnerabilities/

https://informationsecuritybuzz.com/veeam-vulnerability-actively-exploited/

https://www.securityweek.com/recent-veeam-vulnerability-exploited-in-ransomware-attacks/

https://www.infosecurity-magazine.com/news/nhs-england-warns-cve-active/

https://www.bleepingcomputer.com/news/security/akira-and-fog-ransomware-now-exploiting-critical-veeam-rce-flaw/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a

https://www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/

https://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html

https://www.veeam.com/kb4649

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-40711

Details

Source: Mitre, NVD

Published: 2024-09-07

Updated: 2025-10-30

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 9.4

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Severity: Critical

EPSS

EPSS: 0.68887

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Interest