僜僼僩僂僃傾偺惼庛惈偑埆梡偝傟傞傑偱偵婇嬈偑懳墳偡傋偒偙偲偲偼

僜僼僩僂僃傾偺惼庛惈懳墳偼擄偟偄丅婇嬈偼懡悢偺僜僼僩僂僃傾傪棙梡偟偰偍傝丄偦傟傜慡偰傪昁偢偟傕娗棟偱偒偰偄傞偲偼尵偊側偄偐傜偩丅惼庛惈忣曬偼枅擔偺傛偆偵敪昞偝傟偰偍傝丄婇嬈懁偺懳墳偑捛偄晅偄偰偄側偄応崌傕偁傞丅偙偆偟偨拞丄峌寕幰偼偳偺傛偆偵摦偄偰偄傞偺偩傠偆偐丅

» 2024擭11寧27擔 07帪00暘岞奐

[Matt Kapko丆Cybersecurity Dive]

丂帺幮偑巊偭偰偄傞僜僼僩僂僃傾偵惼庛乮偤偄偠傖偔乯惈偑尒偮偐偭偨偲偒丄偳偺傛偆偵懳墳偡傋偒側偺偩傠偆偐丅

丂偦傕偦傕帺幮偑棙梡偟偰偄傞僜僼僩僂僃傾傪攃埇偟偰偄側偗傟偽傕偪傠傫懳墳偱偒側偄丅惼庛惈忣曬傪僂僅僢僠偟偰偄側偗傟偽丄奐敪尦偺敪昞偵婥偑晅偐側偄丅攃埇偟偰偄偨偲偟偰傕丄忢偵摦嶌偟偰偄傞僜僼僩僂僃傾偺応崌丄掕婜儊儞僥僫儞僗偺帪婜傑偱懳墳偱偒側偄偙偲傕懡偄丅

惼庛惈偑埆梡偝傟傞慜偵婇嬈偼壗傪偡傋偒偐

丂儀儞僟乕偐傜敪昞偝傟偨惼庛惈偑僒僀僶乕峌寕幰偵埆梡偝傟傞慜偵丄儐乕僓乕婇嬈偼偳偺傛偆偵懳墳偡傋偒偐丅

丂Veeam Software乮Veeam乯偺椺傪婎偵夝愢偡傞丅

丂壖憐儅僔儞傗暔棟儅僔儞丄僋儔僂僪偺僶僢僋傾僢僾傗儗僾儕働乕僔儑儞丄暅尦偵棙梡偝傟偰偄傞乽Veeam Backup and Replication乿偵偁傞惼庛惈偑尒偮偐偭偨丅

丂Veeam偼2024擭9寧4擔偺僙僉儏儕僥傿懍曬偱丄嫟捠惼庛惈昡壙僔僗僥儉乮CVSS乯偱乽CVE-2024-40711乿偲偟偰幆暿偝傟偰偄傞惼庛惈偵偮偄偰敪昞偟偨丅僗僐傾偼9.8偩丅偝傜偵婇嬈岦偗偺僶僢僋傾僢僾僜僼僩僂僃傾偵娭楢偡傞傛傝僗僐傾偺掅偄5偮偺惼庛惈乽CVE-2024-40713乿乽CVE-2024-40710乿乽CVE-2024-39718乿乽CVE-2024-40714乿乽CVE-2024-40712乿傪岞昞偟偨乮拲1乯乮拲2乯丅

丂CVE-2024-40711偼Veeam Backup and Replication偺僶乕僕儑儞12.1.2.172偲偦傟埲慜偺慡偰偺僶乕僕儑儞偵塭嬁偡傞丅側偍丄Veeam偼僷僢僠傪揔梡偟偨儐乕僓乕偺恖悢傗丄偙偺惼庛惈偵傛傝塭嬁傪庴偗偨儐乕僓乕悢偵娭偡傞尵媦傪旔偗偨丅

丂僒僀僶乕僙僉儏儕僥傿丒僀儞僼儔僗僩儔僋僠儍僙僉儏儕僥傿挕乮CISA乯偼2024擭10寧17擔丄乽CVE-2024-40711乿傪惼庛惈偺僇僞儘僌偵捛壛偟乮拲3乯丄乽偡偱偵儔儞僒儉僂僃傾峌寕偱埆梡偝傟偰偄傞乿偲弎傋偨丅偙偺惼庛惈偼埆堄偺偁傞儁僀儘乕僪傪娷傓怣棅偱偒側偄僨乕僞傪僨僔儕傾儔僀僘偡傞嵺偵埆梡偝傟丄斊嵾幰偵傛傞擣徹偝傟偰偄側偄儕儌乕僩僐乕僪幚峴偵偮側偑傞丅Veeam偺僜僼僩僂僃傾偑婇嬈偺僨乕僞僶僢僋傾僢僾傪巟偊偰偄傞偙偲傪峫偊傞偲丄偳偺傛偆側塭嬁偑偁傞偐暘偐傞偩傠偆丅

丂僒僀僶乕僙僉儏儕僥傿帠嬈傪塩傓Sophos偺嫼埿懳墳僠乕儉X-Ops偵強懏偡傞尋媶幰偼丄2024擭10寧偵CVE-2024-40711傪埆梡偟偨儔儞僒儉僂僃傾峌寕傪彮側偔偲傕4審捛愓偟偨丅X-Ops偼乽儔儞僒儉僂僃傾亀Akira亁偲亀Fog亁偺垷庬偵娭楢偡傞峌寕傪娤應偟偨乿偲弎傋偨丅傑偨摨僠乕儉偼丄2024擭10寧11擔偵乽偄偢傟偺働乕僗偵偍偄偰傕乮拲4乯丄懡梫慺擣徹偑桳岠偵側偭偰偄側偄VPN偺僎乕僩僂僃僀傪巊梡偟偰丄峌寕幰偑懳徾偵傾僋僙僗偟偨乿偲乽X乿偵搳峞偟偨丅

丂CVE-2024-40711偵娭楢偡傞晄惓僾儘僌儔儉偲儔儞僒儉僂僃傾峌寕偵偼嫟捠偺庤弴偑尒偮偐偭偰偄傞丅偮傑傝斊嵾偺摴嬶偲偟偰妋棫偟偰偄傞丅儐乕僓乕懁偱惼庛惈懳墳偑恑傑側偄偲埆塭嬁偼挿婜娫懕偔偩傠偆丅

丂偙偺傛偆側忬嫷偺壓丄Veeam偱僐乕億儗乕僩僐儈儏僯働乕僔儑儞偍傛傃僌儘乕僶儖僷僽儕僢僋儕儗乕僔儑儞僘傪扴摉偡傞僴僀僨傿丒儌儞儘乕丒僋儘僼僩巵乮僔僯傾僨傿儗僋僞乕乯偼丄2024擭10寧21擔偵師偺傛偆偵弎傋偨丅

丂乽摉幮偼2024擭8寧28擔偵Veeam Backup and Replication v12.2偺僜僼僩僂僃傾傾僢僾僨乕僩偱惼庛惈傪廋惓偟偨丅杮傾僢僾僨乕僩偼丄塭嬁傪庴偗偨Veeam偺屭媞慡堳偵捈愙揱偊傜傟偨乿

丂僒僀僶乕僙僉儏儕僥傿帠嬈傪塩傓Censys惼庛惈尋媶幰偼乮拲5乯丄Veeam偑廋惓傪岞奐偟偨2擔屻偵慺憗偔寈崘傪敪偟偨Rapid7傕摨擭9寧9擔偵懕偄偨乮拲6乯丅偙偺帪揰偱偼傑偩埆梡偝傟偨帠椺偼妋擣偝傟偰偄側偐偭偨偑丄惼庛惈偺岞奐偐傜悢擔埲撪偵偼丄PoC乮奣擮幚徹乯偺晄惓僾儘僌儔儉偑晹暘揑偵岞奐偝傟偰偟傑偭偨丅惼庛惈偺敪昞偐傜丄惼庛惈傪斊嵾幰偑棙梡偡傞僜僼僩僂僃傾偺岞奐傑偱偺帪娫揑側梋桾偑傎偲傫偳側偐偭偨偙偲偑暘偐傞丅

儐乕僓乕婇嬈偺懳墳偑撦偄

丂Veeam偑僜僼僩僂僃傾傾僢僾僨乕僩偱惼庛惈傪廋惓偟偰偐傜丄儐乕僓乕婇嬈懁偺懳墳偼恑傫偩偺偩傠偆偐丅

丂廋惓帪揰偐傜1僇寧埲忋宱夁偟偨屻偵丄Sophos偺X-Ops偼儔儞僒儉僂僃傾傪娷傓傾僋僥傿僽側忬懺偵偁傞晄惓僾儘僌儔儉偺捛愓傪奐巒偟偨丅

丂Rapid7偺働僀僩儕儞丒僐儞僪儞巵乮僀儞僥儕僕僃儞僗僨傿儗僋僞乕乯偼丄2024擭10寧21擔偵師偺傛偆偵弎傋偨丅

丂乽Veeam偺惢昳偼恖婥偑偁傝丄儔儞僒儉僂僃傾僌儖乕僾傪娷傓峌寕幰偺庡梫側昗揑偵側偭偰偄傞丅2024擭偵Rapid7偑僀儞僔僨儞僩偵懳墳偟偨働乕僗偺20亾埲忋偑Veeam惢昳偵娭楢偡傞傕偺偩偭偨丅乮崱夞偺帠椺埲慜偵傕乯Veeam Backup and Replication偺惼庛惈偑岞昞偝傟偨悢僇寧屻乣1擭屻偵埆梡偝傟偨働乕僗傕偁傞乿乮僐儞僪儞巵乯

丂Censys偺僙僉儏儕僥傿尋媶幰僸儅僕儍丒儌僥儔儉巵偼乽惼庛惈偑岞奐偝傟偰埲崀丄乮峌寕幰偵懳偟偰乯業弌偟偨傑傑偺Veeam Backup and Replication偺僒乕僶悢偵戝偒側曄壔偼側偐偭偨丅2024擭9寧6擔偵業弌偟偰偄偨2833審偺僀儞僗僞儞僗偼丄摨擭10寧21擔帪揰偱2784審傊偲旝尭偟偨偩偗偩乿偲弎傋偨丅

丂Censys偵傛傞偲丄業弌偟偨僀儞僗僞儞僗偼庡偵墷廈偵廤拞偟偰偄傞丅塸崙偺崙柉曐寬僒乕價僗偺僨僕僞儖晹栧偼丄2024擭10寧11擔偵CVE-2024-40711偺愊嬌揑側埆梡偵娭偡傞僒僀僶乕僙僉儏儕僥傿偺寈崘傪敪偟偨乮拲7乯丅

弌揟丗Critical Veeam CVE actively exploited in ransomware attacks乮Cybersecurity Dive乯
拲1丗Veeam Security Bulletin (September 2024)乮Veeam乯
拲2丗CVE-2024-40711 Detail乮NIST乯
拲3丗Known Exploited Vulnerabilities Catalog | CISA乮CISA乯
拲4丗Sophos X-Ops乮X乯
拲5丗Unauthenticated RCE in Veeam Backup & Replication [CVE-2024-40711]乮Censys乯
拲6丗Multiple Vulnerabilities in Veeam Backup & Replication乮RAPID7乯
拲7丗Critical Veeam Backup & Replication Vulnerability Under Active Exploitation乮NHS England乯

尨暥傊偺儕儞僋

娭楢婰帠

乽嵟傕婋尟側惼庛惈乿偲偼壗偐丂Google偺尋媶幰偑敪尒
Google嶱壓偺Mandiant偺挷嵏偵傛傟偽丄峌寕幰偑埆梡偡傞惼庛惈偺惈幙偑曄傢偭偰偒偨偲偄偆丅峌寕幰偼嵟傕婋尟側惼庛惈傪廤拞揑偵慱偭偰偄偨丅
惌晎傕懳墳偱偒偰偄側偄66審偺廳梫側惼庛惈偲偼
戝婯柾側僒僀僶乕峌寕偺懳徾偲側偭偰偄傞惼庛惈偼偳傟偩傠偆偐丅怣棅偱偒傞忣曬偑昁梫偩偑丄崿棎偟偨忬嫷偑懕偄偰偄傞丅
婛抦偺挷嵏偱偼敪尒偱偒側偄栵夘側惼庛惈偲偼亂僙僉儏儕僥傿拲栚僩僺僢僋亃
崱夞敪昞偝傟偨Windows偺寧椺僙僉儏儕僥傿峏怴僾儘僌儔儉偱偼丄4審偺廳戝側惼庛惈傪娷傓丄92審偺惼庛惈偵懳墳偟偨丅偙傟埲奜偵Windows Server 2025傊儐乕僓乕偺摨堄側偔傾僢僾僌儗乕僪偝傟傞帠椺偑尒偮偐偭偨丅

夛堳搊榐乮柍椏乯

惢昳僇僞儘僌傗媄弍帒椏丄摫擖帠椺側偳丄IT摫擖偺壽戣夝寛偵栶棫偮帒椏傪娙扨偵擖庤偱偒傑偡丅

傾僋僙僗儔儞僉儞僌

SpecialPR

ITmedia偼傾僀僥傿儊僨傿傾姅幃夛幮偺搊榐彜昗偱偡丅