cve-2024-45207
Vulnerability from cvelistv5
Published
2024-12-04 01:06
Modified
2024-12-04 15:21
Severity ?
EPSS score ?
Summary
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Veeam | Agent for Windows |
Version: 12.2 ≤ 12.2 |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:veeam:agent:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "agent",
"vendor": "veeam",
"versions": [
{
"lessThan": "6.3.0.177",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:55:19.211011Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T15:21:30.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Agent for Windows",
"vendor": "Veeam",
"versions": [
{
"lessThanOrEqual": "12.2",
"status": "affected",
"version": "12.2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DLL injection in Veeam Agent for Windows can occur if the system\u0027s PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services"
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T01:06:04.660Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://www.veeam.com/kb4693"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2024-45207",
"datePublished": "2024-12-04T01:06:04.660Z",
"dateReserved": "2024-08-23T01:00:01.061Z",
"dateUpdated": "2024-12-04T15:21:30.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45207\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2024-12-04T02:15:05.520\",\"lastModified\":\"2024-12-04T16:15:25.580\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DLL injection in Veeam Agent for Windows can occur if the system\u0027s PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services\"},{\"lang\":\"es\",\"value\":\" La inyecci\u00f3n de DLL en Veeam Agent para Windows puede ocurrir si la variable PATH del sistema incluye ubicaciones no seguras. Cuando el agente se ejecuta, busca en estos directorios las DLL necesarias. Si un atacante coloca una DLL maliciosa en uno de estos directorios, Veeam Agent podr\u00eda cargarla sin darse cuenta, lo que le permitir\u00eda ejecutar c\u00f3digo da\u00f1ino. Esto podr\u00eda provocar acceso no autorizado, robo de datos o interrupci\u00f3n de los servicios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"references\":[{\"url\":\"https://www.veeam.com/kb4693\",\"source\":\"support@hackerone.com\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.