Veeam warns of critical bugs in Veeam ONE monitoring platform

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. The company assigned almost maximum severity ratings to the critical security flaws since they let attackers gain remote code execution and steal NTLM hashes from vulnerable servers. The remaining two are medium-severity bugs that require user interaction or have limited impact. "A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database," an advisory published today says about the bug tracked as CVE-2023-38547. "A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service," the company says when describing the second critical vulnerability patched today. Veeam also fixed a security flaw tracked as CVE-2023-38549 that could let attackers with Power User roles steal the access token of an admin in a Cross-Site Scripting attack, which requires user interaction from someone with the Veeam ONE Administrator role. CVE-2023-41723, the fourth vulnerability addressed today, can be exploited by malicious actors with the Read-Only User role to access the Dashboard Schedule. Admins must stop the Veeam ONE monitoring and reporting services on impacted servers, replace the files on the disk with the files in the hotfix, and restart the services to deploy the hotfixes. In March, Veeam also fixed a high-severity Backup Service vulnerability in the Backup & Replication software that can be used to breach backup infrastructure hosts. This flaw was later targeted in attacks linked to the financially motivated FIN7 threat group, known for its connections with multiple ransomware operations, including the Conti syndicate, REvil, Maze, Egregor, and BlackBasta. Months later, the Cuba ransomware gang exploited the bug to target critical infrastructure organizations in the United States and IT firms in Latin America. Veeam says its software is used by more than 450,000 customers globally, encompassing 82% of Fortune 500 companies and 72% of those listed in the Global 2,000 annual ranking. TellYouThePass ransomware joins Apache ActiveMQ RCE attacks. New Microsoft Exchange zero-days allow RCE, data theft attacks. 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online. HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks. F5 fixes BIG-IP auth bypass allowing remote code execution attacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Veeam warns of critical bugs in Veeam ONE monitoring platform

Veeam warns of critical bugs in Veeam ONE monitoring platform - Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. The company assigned almost maximum severity ratings to the critical security flaws ...
1 year ago Bleepingcomputer.com CVE-2023-38547 CVE-2023-38549 CVE-2023-41723 FIN7 Cuba
15 PostgreSQL Monitoring Tools - 2025 - What is Good?What Could Be Better?Monitoring application performance, user experience, and errors.Some users find the pricing high, especially for larger environments.Continuous server, database, and infrastructure monitoring.The extensive feature ...
3 months ago Cybersecuritynews.com
20 Best Kubernetes Monitoring Tools in 2025 - Zabbix: Enterprise-grade monitoring with support for Kubernetes clusters, offering real-time metrics and alerting. Azure Monitoring: Comprehensive monitoring solution for Azure Kubernetes Service (AKS) with real-time metrics and logs. Kubernetes ...
1 week ago Cybersecuritynews.com
15 Best Docker Monitoring Tools in 2025 - What is Good ?What Could Be Better ?cAdvisor monitors containers without much overhead because to its minimal resource footprint.Real-time monitoring is its main focus, and historical data storage is limited.It simplifies troubleshooting using ...
1 week ago Cybersecuritynews.com
15 Best Bandwidth Monitoring Tools in 2025 - By providing real-time data on network usage, bandwidth monitoring tools enable proactive management and quick resolution of issues that could impact network performance. It provides real-time monitoring of network performance, traffic analysis, and ...
2 weeks ago Cybersecuritynews.com
15 Best Website Monitoring Tools in 2025 - What is Good ?What Could Be Better ?SolarWinds allows network, infrastructure, application, and other monitoring.SolarWinds’ security was questioned after a major breach.The platform’s interface is easy to set up and use.Basic monitoring ...
1 week ago Cybersecuritynews.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
1 month ago Cybersecuritynews.com
Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365 - Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service for Microsoft 365. Utilizing the power and ...
1 year ago Helpnetsecurity.com
Veeam RCE bug lets domain users hack backup servers, patch now - Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. Ransomware gangs have told BleepingComputer in the past that Veeam ...
4 months ago Bleepingcomputer.com CVE-2025-23120
20 Best Remote Monitoring Tools - 2025 - What is Good ?What Could Be Better ?Strong abilities to keep an eye on devices and systems.Some parts may take time to figure out.It gives you tools for remote control and troubleshooting.There could be more ways to change things.Lets you automate ...
4 months ago Cybersecuritynews.com
Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
1 year ago Feeds.dzone.com
10 Best Dark Web Monitoring Tools in 2025 - DarkOwl is a comprehensive dark web monitoring tool that provides organizations with real-time intelligence on emerging threats and data breaches. Recorded Future is a comprehensive dark web monitoring tool that leverages machine learning and ...
1 week ago Cybersecuritynews.com
Veeam Recovery Orchestrator users locked out after MFA rollout - Veeam is also investigating a known issue that causes connection errors on Windows 11 24H2 systems when restoring from Veeam Recovery Media. While the root cause is not yet known, Veeam believes that the most likely cause is a change within the ...
2 weeks ago Bleepingcomputer.com
Veeam Data Platform 23H2 update enhances resilience against ransomware - 1 release as well as Veeam ONE v12.1 and Veeam Recovery Orchestrator v7. This latest release from Veeam, with a focus on radical resilience, includes hundreds of new features and enhancements designed to not only protect enterprises' most critical ...
1 year ago Helpnetsecurity.com
10 Best Event Monitoring Tools in 2025 - What Could Be Better?Offers alerting and notification options that can be changed based on conditions already set.Offers a lot of ways to keep track of different IT components, services, and applications.Nagios can send out too many alerts and make ...
5 months ago Cybersecuritynews.com
10 Best Cloud Monitoring Tools in 2025 - What is Good?What Could Be Better?Unified, real-time monitoring across on-premises and cloud resources.Initial setup and management can be complex for new users.Flexible integration with third-party tools and existing solutions.User interface is less ...
1 week ago Cybersecuritynews.com
Windows 11 update breaks Veeam recovery, causes connection errors - ​As a temporary workaround, while Microsoft and Veeam are currently investigating this known issue and looking for a fix, users impacted by this issue are advised to recover their computer or data using Veeam Recovery Media generated from a ...
4 months ago Bleepingcomputer.com
10 Best Systems Management Tools & Software - 2025 - Op5 Monitor is an advanced network monitoring solution designed for IT infrastructure management, ensuring high availability and performance across networks, servers, and applications. What is Good ?What Could Be Better?Most cost-effective, scalable, ...
4 months ago Cybersecuritynews.com
Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server - For organizations planning recovery operations with Veeam in a Windows 11 environment, creating recovery media on computers running Windows 11 builds earlier than 26100.3194 is advisable until a permanent solution is available. Veeam advises ...
4 months ago Cybersecuritynews.com
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers - A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication ...
4 months ago Cybersecuritynews.com CVE-2025-23120
Monitoring Your Files for Security and Compliance | Tripwire - This may seem like a heck of a statement, but when you are monitoring against a cryptographic value or other attributes (including content), even the slightest deviation is a valid change & that change is detected and processed according to local ...
10 months ago Tripwire.com
Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security - Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of critical severity. For the second straight month, ...
1 year ago Darkreading.com CVE-2024-20674 CVE-2024-20700 CVE-2024-21307 CVE-2024-21318 CVE-2023-21310 CVE-2023-36036 CVE-2024-20653 CVE-2024-20698 CVE-2024-20683 CVE-2024-20686
Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution - Veeam Backup & Replication, with its large deployment footprint across enterprise environments, represents a significant target for cybercriminals, particularly ransomware operators seeking to disable recovery options before launching attacks. As ...
4 months ago Cybersecuritynews.com
CVE-2022-36407 - Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual ...
1 year ago
Addressing Bias in Insider Risk Monitoring - Enterprises often take similar steps to protect data from internal and outside threats, where teams analyze activities to identify potential risks. Security operations centers defending against these threats must look at employees, partners, and ...
1 year ago Cyberdefensemagazine.com