skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Critical RCE Vulnerability Identified in Veeam VSPC

/ 1 min read

Veeam Software issues critical security updates for vulnerabilities. The company has released urgent patches to address two significant vulnerabilities in its Service Provider Console (VSPC), with CVE-2024-42448 rated at a CVSS score of 9.9, allowing remote code execution by attackers. This flaw could enable unauthorized access to VSPC servers, risking sensitive customer data and disrupting backup operations. A second vulnerability, CVE-2024-42449, has a CVSS score of 7.1 and could allow attackers to extract sensitive information and delete files. Affected versions include VSPC 8.1.0.21377 and earlier; Veeam urges all service providers to update to version 8.1.0.21999 immediately to mitigate these risks.