Quantcast
Channel: Veeam Support Knowledge Base
Viewing all articles
Browse latest Browse all 4362

Veeam Agent for Microsoft Windows Vulnerability (CVE-2024-29853)

$
0
0

Veeam Agent for Microsoft Windows Vulnerability
(CVE-2024-29853)

KB ID: 4582
Product: Veeam Agent for Microsoft Windows | 2.0 | 3.0.2 | 4.0 | 5.0 | 6.0 | 6.1
Published: 2024-05-21
Last Modified: 2024-05-23
Upgrading Standalone vs Managed Veeam Agent Deployment

Please keep in mind that Veeam Agent for Microsoft Windows (VAW) has two primary operation modes, either standalone or managed. When VAW is managed by Veeam Backup & Replication (VBR) or Veeam Service Provider Console (VSPC), the VAW deployment must be upgraded by the server that manages it. Directly upgrading a VAW deployment that VBR manages will likely result in a compatibility issue if the deployed VAW version is higher than the VBR software expects.

Issue Details

CVE-2024-29853

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.

Severity: High
CVSS v3.1 Score: 7.2AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability testing was only performed against actively supported versions of Veeam Agent for Microsoft Windows.

Solution

The vulnerability documented in this article was fixed starting in the following build:

This build of Veeam Agent for Microsoft Windows was included with Veeam Backup & Replication 12.1.2.172.

To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Viewing all articles
Browse latest Browse all 4362

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>