Veeam Advisory (#1117)

* Veeam Advisory * Update 20241205001 Incorrect CVE mentioned. Added affected versions. Shortened overview. Removed third party reference. --------- Co-authored-by: JadonWill <[email protected]>
wagov · Dec 6, 2024 · a659d37 · a659d37
1 parent d5ae885
commit a659d37
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/docs/advisories/20241205001-Veeam-Critical-Advisory.md b/docs/advisories/20241205001-Veeam-Critical-Advisory.md
@@ -0,0 +1,25 @@
+# Veeam Critical Advisory - 20241205001
+
+## Overview
+
+Veeam has released a security advisory detailing a vulnerability discovered within the Veeam Service Provider Console (VSPC) that could allow Remote Code Execution (RCE) and remove arbitrary files on the VSPC server machine.
+
+## What is vulnerable?
+
+| Product(s) Affected                   | Version(s)  | CVE #                                                             | CVSS v4/v3 | Severity |
+| ------------------------------------- | ----------- | ----------------------------------------------------------------- | ---------- | -------- |
+| Veeam Service Provider Console (VSPC) | All versions < 8.1.0.21999| [CVE-2024-42448](https://nvd.nist.gov/vuln/detail/CVE-2024-42448) | 9.9 | Critical |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Veeam: <https://www.veeam.com/kb4679>
+
+## 3rd Party Article(s):
+
+- Tenable: <https://www.tenable.com/cve/CVE-2024-42448>