Blog
Critical Veeam Backup Solution Vulnerability: How to Protect Your Data
What is the VEEAM vulnerability?
Veeam, a backup data solution, has warned its customers to fix a severe security problem that affects its Backup & Replication software. This issue (CVE-2023-27532) was found in February by a security researcher named Shanigen and it affects all versions of Veeam Backup & Replication (VBR). The vulnerability allows people who aren’t authorized to access the software to get into the backup system by obtaining encrypted passwords.
Veeam has created patches to fix this vulnerability in VBR V11 and V12. They’re telling customers to update their software immediately to avoid the problem.
If a customer is using an older version of VBR, they need to first update to V11 or V12 before they can use the security update that addresses the vulnerability.
What you need to do
To apply the patch and avoid the potential compromise of your backups, you will be required to do so yourself or with the assistance of TSI’s help desk support team.
If you would like to apply the patch on your own, please refer to the links below with details about the vulnerability and the updated patch remediating it.
• VEEAM Fixes Bug That Lets Hackers Breach Backup Infrastructure
• VEEAM CVE-2023-27532 Overview
Contact us if you need help.
If you want TSI’s assistance, please indicate your interest by clicking the button below. A help desk support team member will apply the patch outside your standard business hours to avoid any potential interruptions to your environment.
We anticipate the patch will take 1-2 hours to apply and be billed against your current block-hour agreement.
Please contact your account manager if you have any questions or if we can further assist.
Get in Touch with TSI
For more information on Microsoft’s CVE 2022 - 30190 MDST vulnerability or If you have any questions or concerns, please do not hesitate to give us a call at 508-543-6979 or send us a message here to get started.
Categories
- Backup & Disaster Recovery
- Business Operations
- Case Studies
- Cloud Services
- Cyber Security
- Employee Spotlight
- Finance & Budgeting
- Glossary Term
- Governance & IT Compliance
- Managed Services
- Mobile Device Management
- Network Infrastructure
- NIST 800-171 & CMMC 2.0
- PCI
- Podcast
- Project Management
- TSI
- Uncategorized
- vCIO
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place