- Description
- From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine.
- Source
- support@hackerone.com
- NVD status
- Awaiting Analysis
CVSS 3.0
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
- Hype score
- Not currently trending
CVE-2024-42448 From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) o… https://t.co/0fK32xNzNl
@CVEnew
15 Dec 2024
354 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی Veeam برای دو آسیب پذیری موجود در سرویس (VSPC) ، پچ امنیتی لازم را منتشر نموده است.آسیب پذیری اول دارای کد شناسایی CVE-2024-42448 و از نوع RCE و آسیب پذیری دوم دارای کد شناسایی CVE-2024-42449 که باعث سرقت هش NTLM می شود ، هستند. https://t.co/Poz3aKY03t https://t.co/Mujo9
@AmirHossein_sec
13 Dec 2024
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Veeam SPC の脆弱性 CVE-2024-42448/42448 が FIX:RCE や NTLM ハッシュ漏洩の恐れ https://t.co/ZGAlV9ZA3V Veeam の Service Provider Console に、深刻な脆弱性とのことです。すでにアップデートが提供されていますので、ご利用のチームは、ご確認ください。 #NTLM #RCE #ServiceProviderConsole… https://t.co/OhB1f768DA
@iototsecnews
12 Dec 2024
144 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-42448: CRITICAL] Potential Remote Code Execution vulnerability discovered in VSPC management system. Ensure proper authorization to prevent unauthorized access and maintain cybersecurity.#cybersecurity,#vulnerability https://t.co/okepSUbzXT https://t.co/0JKviFC48i
@CveFindCom
11 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری بحرانی CVE-2024-42448 در کنسول ارائه دهنده سرویس Veeam https://t.co/tVgbaSSr3C
@vulnerbyte
10 Dec 2024
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
On December 3, 2024, Veeam disclosed a critical vulnerability within the Veeam Service Provider Console (VSPC), tracked as CVE-2024-42448, which was discovered during internal testing. Learn more in our latest security bulletin: #EndCyberRisk https://t.co/KIVCnuk1RG
@ChannelSkell
9 Dec 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Veeam releases immediate update in order to #patch two severe #vulnerabilities, CVE-2024-42448 & CVE-2024-42449. #Cybersecurity #infosec https://t.co/pqEg7FY3aC https://t.co/qNdJynungt
@twelvesec
7 Dec 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Veeam SPC vulnerabilities (CVE-2024-42448 & CVE-2024-42449) announced! Update to version 8.1.0.21999 to stay secure. Liongard’s new Server Version metric helps MSPs quickly identify and address impacted systems. Stay proactive! 🔗 https://t.co/Pd4nXWQgCC
@LiongardHQ
7 Dec 2024
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: Critical Veeam Vulnerabilities Expose Service Provider Console to Cyber Risks CVE-2024-42448 CVE-2024-42449 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/sGSM0aZHcB #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
6 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Veeam publie un correctif pour une vulnérabilité RCE critique dans Service Provider Console, CVE-2024-42448. Analystes Sécurité, ne tardez pas à vous mettre à jour ! #Sécurité #Veeam #RCE 👉 https://t.co/4iS6D4vNIA
@CyberAlertFr
5 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Old Cisco ASA Vulnerability (CVE-2014-2120) Fuels Androxgh0st Botnet Activity | 04-12-2024 Source: https://t.co/bDqHE5PCeh Key details below ↓ 💀Threats: Androxgh0st, Mozi, 🏭Industry: Iot, E-commerce 🔓CVEs: CVE-2024-42448… https://t.co/MVIvQtR0
@rst_cloud
5 Dec 2024
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two severe vulnerabilities (CVE-2024-42448 & CVE-2024-42449) in @Veeam Service Provider Console (VSPC) could enable remote code execution and data theft. No mitigations exist except upgrading to version 8.1.0.21999 or later. 🔗Read more: https://t.co/yxCkKIHVSP #PatchNow #ISB
@Info_Sec_Buzz
5 Dec 2024
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Information Security Buzz] Critical Vulnerabilities Found in Veeam Service Provider Console. Two critical vulnerabilities (CVE-2024-42448 and CVE-2024-42449) have been identified in Veeam Service Provider Console (VSPC), prompting an urgent call for... https://t.co/17UvhUErH9
@shah_sheikh
5 Dec 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam warns of critical RCE bug in Service Provider Console: https://t.co/jt1R64mN5f Veeam released security updates addressing two vulnerabilities in the Service Provider Console (VSPC), including a critical remote code execution (RCE) flaw (CVE-2024-42448) with a severity… htt
@securityRSS
4 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam Warns of Critical Vulnerability in Service Provider Console - (CVE-2024-42448) - https://t.co/1UQLbm2roz
@SecurityWeek
4 Dec 2024
1983 Impressions
7 Retweets
16 Likes
0 Bookmarks
1 Reply
0 Quotes
Veeam released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could allow for remote code execution on susceptible instances. Tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. https://t.co/5B8fX848EM https
@riskigy
4 Dec 2024
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam Fixes Critical vulnerability in CVE-2024-42448 #VeeamVSPC #CVE-2024-42448 #CVE-2024-42449 https://t.co/5wjrElRwWo
@pravin_karthik
4 Dec 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨CVE-2024-42448 (CVSS 9.9):Veeam Service Provider Console Remote Code Execution Vulnerability 📊 143K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link: https://t.co/IfEKdrh7rJ 👇Query HUNTER:/product.name=="Veeam Service Provider Console" SHODAN:…
@HunterMapping
4 Dec 2024
2421 Impressions
11 Retweets
31 Likes
8 Bookmarks
0 Replies
0 Quotes
🛡️ Veeam users, take note! A critical flaw in the Service Provider Console (CVE-2024-42448) could allow remote code execution (RCE). CVSS score: 9.9/10—this is as serious as it gets. 🔗 Don't wait, secure your systems today — https://t.co/m3a43gh4Yv #infosec #cybersecurity
@TheHackersNews
4 Dec 2024
12698 Impressions
43 Retweets
91 Likes
14 Bookmarks
3 Replies
1 Quote
🚨 CVE Alert: Critical Veeam Remote Code Execution(RCE) Vulnerability🚨 Vulnerability Details: CVE-2024-42448 (CVSS 9.9/10) Veeam Remote Code Execution(RCE) Vulnerability Impact A Successful exploit may allow a remote threat actor to perform Remote Code Execution (RCE) on the…
@CyberxtronTech
4 Dec 2024
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC https://t.co/lJzW2AwJKk
@Dinosn
4 Dec 2024
3763 Impressions
19 Retweets
62 Likes
17 Bookmarks
0 Replies
0 Quotes
Veeam Service Provider RCE Vulnerability Let Attackers Execute Arbitrary Code Source: https://t.co/5UfN7CK1dl CVE-2024-42448 - This flaw allows attackers to execute arbitrary code. CVE-2024-42449 - his security issue enables attackers to steal the NTLM hash. https://t.co/pSeva
@gbhackers_news
4 Dec 2024
117 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Veeam ha corregido dos vulnerabilidades en Veeam Service Provider Console (VSPC) https://t.co/yvQkhKuZiJ ⚠️ CVE-2024-42448 (CVSS v3.1 Score: 9.9) ⚠️ CVE-2024-42449 https://t.co/b4otNPULRv https://t.co/cuv3nOJXUk
@elhackernet
3 Dec 2024
3052 Impressions
13 Retweets
23 Likes
7 Bookmarks
0 Replies
0 Quotes
#Veeam plugs serious holes in #Service #Provider Console (CVE-2024-42448, CVE-2024-42449) https://t.co/LEpecdpyAd
@ScyScan
3 Dec 2024
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes