NHS England has posted an alert relating to a critical Veeam Backup & Replication vulnerability which is now under active exploitation by ransomware groups.
Successful exploitation of the vulnerability (CVE-2024-40711) could lead to remote code execution (RCE), the alert noted. RCE could allow attackers to run code on a remote device without the need for physical access.
Threat severity has been rated high, with a CVSS score of 9.8.
These groups are reportedly exploiting CVE-2024-40711 as a second-stage exploit to create new local administrator accounts to facilitate further objectives on compromised networks.
Reports warn of exploitation attempts since shortly after official disclosure by Veeam.
Sophos X-Ops MDR and Incident Response has tracked a series of attacks in the past month which have leveraged compromised credentials and CVE-2024-40711 to create an account and deploy ransomware. The firm did not note the target of this attack.
In one case, attackers dropped Fog ransomware, and another attack saw the attempted deployment of Akira ransomware, according to Sophos.
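The post-exploitation pattern described above, a newly created local account that is immediately added to the local Administrators group, is one a defender can look for in Windows Security logs. The following is an added example, not code from the NHS alert, Sophos or Veeam: it correlates account-creation events (Windows event ID 4720) with additions to a security-enabled local group (event ID 4732) whose group SID is the built-in Administrators SID S-1-5-32-544. The event records are constructed and simplified to the fields the logic needs, and the account names in them (including the creating account svc_backup) are hypothetical.

```python
"""Added example: flag local accounts that are granted local Administrators
membership shortly after being created. Sample events are constructed and
do not come from any real incident."""
from datetime import datetime, timedelta

# Standard Windows values (not specific to this advisory).
EVENT_USER_ACCOUNT_CREATED = 4720          # "A user account was created"
EVENT_MEMBER_ADDED_TO_LOCAL_GROUP = 4732   # "A member was added to a security-enabled local group"
BUILTIN_ADMINISTRATORS_SID = "S-1-5-32-544"

# Constructed, simplified event records. Field names loosely follow the
# 4720/4732 schema (TargetUserName, TargetSid, MemberSid) but are shortened.
SAMPLE_EVENTS = [
    # Suspicious: account created and made local admin two seconds later.
    {"time": "2024-10-01T02:10:05", "event_id": 4720, "subject": "svc_backup",
     "target_user": "support1", "target_sid": "S-1-5-21-1111-2222-3333-1105"},
    {"time": "2024-10-01T02:10:07", "event_id": 4732, "subject": "svc_backup",
     "member_sid": "S-1-5-21-1111-2222-3333-1105", "group_sid": BUILTIN_ADMINISTRATORS_SID},
    # Benign: account created, later added only to the Users group (S-1-5-32-545).
    {"time": "2024-10-01T09:00:00", "event_id": 4720, "subject": "helpdesk",
     "target_user": "jsmith", "target_sid": "S-1-5-21-1111-2222-3333-1106"},
    {"time": "2024-10-01T09:30:00", "event_id": 4732, "subject": "helpdesk",
     "member_sid": "S-1-5-21-1111-2222-3333-1106", "group_sid": "S-1-5-32-545"},
    # Existing account promoted with no preceding 4720: not matched by this rule.
    {"time": "2024-10-02T11:00:00", "event_id": 4732, "subject": "admin",
     "member_sid": "S-1-5-21-1111-2222-3333-1001", "group_sid": BUILTIN_ADMINISTRATORS_SID},
]


def find_fresh_admin_accounts(events, window=timedelta(minutes=30)):
    """Return one alert per account that was created (4720) and then added to
    the built-in Administrators group (4732) within `window`.

    Events are processed in time order; the 4720 is remembered by the new
    account's SID, and a later 4732 whose MemberSid matches and whose group
    is S-1-5-32-544 produces an alert.
    """
    created = {}   # new account SID -> (username, creation time, creating account)
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["event_id"] == EVENT_USER_ACCOUNT_CREATED:
            created[ev["target_sid"]] = (ev["target_user"], ts, ev["subject"])
        elif (ev["event_id"] == EVENT_MEMBER_ADDED_TO_LOCAL_GROUP
              and ev["group_sid"] == BUILTIN_ADMINISTRATORS_SID):
            info = created.get(ev["member_sid"])
            if info is None:
                continue  # promotion of a pre-existing account: out of scope here
            username, created_at, creator = info
            if ts - created_at <= window:
                alerts.append({
                    "account": username,
                    "sid": ev["member_sid"],
                    "created_by": creator,
                    "promoted_by": ev["subject"],
                    "seconds_between": int((ts - created_at).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_fresh_admin_accounts(SAMPLE_EVENTS):
        print("new local admin shortly after creation:", alert)
```

The rule deliberately ignores promotions of pre-existing accounts so that the output stays focused on the create-then-promote sequence; a separate rule keyed on the creating account (for example, any account creation performed by a backup server's service identity) would catch the other half of the behaviour described in the report.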
Veeam first issued a security bulletin relating to this and four high-severity vulnerabilities on September 4, 2024.
The NHS notice highlighted that enterprise backup and disaster recovery applications are valuable targets for cyber threat groups.
Vulnerabilities in backup and disaster recovery applications are often exploited in the wild by ransomware groups shortly after official disclosure.
“NHS England National [Cybersecurity Operations Centre] assess exploitation of CVE-2024-40711 as highly likely to continue,” the advisory later said.
The vulnerability affects Veeam Backup & Replication 12.1.2.172. Veeam noted that unsupported product versions are not tested but are likely affected and should be considered vulnerable.
Affected organizations have been advised to review the Veeam Security Bulletin and update Veeam Backup & Replication to version 12.2 (or above) as a matter of urgency.
Veeam Backup & Replication is a data protection solution that provides backup and recovery for virtual, physical, network-attached storage, and cloud-native environments.