Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the fix as soon as possible. About CVE-2023-27532 The nature of CVE-2023-27532 has not been explained – Veeam only says that “the vulnerable process, Veeam.Backup.Service.exe (TCP 9401 by default), allows an unauthenticated user to request encrypted credentials.” Obtaining encrypted credentials might ultimately allow attackers to gain access to the backup infrastructure hosts, … More
The post Veeam Backup & Replication admins, get patching! (CVE-2023-27532) appeared first on Help Net Security.