TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Huntress

Veeam Backup & Replication CVE-2023-27532 Response | Huntress

2023-03-13

ATT&CK techniques detected

6 predictions
T1190 Exploit Public-Facing Application
93%
"partners running vulnerable veeam software versions on servers with a huntress agent and has sent incident reports with specific hostnames and huntress agent ids. if you received a report via email or psa integration, we urge you to patch and upgrade to the latest available veeam…"
T1190 Exploit Public-Facing Application
83%
"and determine how urgently they need to react and respond. additionally, the huntress team uncovered other potential api calls that could be weaponized. we were able to further expand our proof-of-concept to achieve arbitrary code execution. while the unauthenticated credenti…"
T1059.001 PowerShell
55%
"##0223) and v11a (build 11.0.1.1261 p20230227) is vulnerable. with a high severity rating and a cvss score of 7.5, this vulnerability made its rounds across headlines, news outlets, and further scrutiny by security researchers. if you do not know your veeam version and bui…"
T1190 Exploit Public-Facing Application
52%
"any exploitation in-the-wild. however, on march 9th, huntress researchers caught wind of a twitter post from code white gmbh. cve-2023-27532 in veeam backup & replication is serious, expect exploitation attempts soon. our teammate @mwulftange was able to develop an explo…"
T1003 OS Credential Dumping
46%
"the veeam backup & replication component (veeam.backup.service.exe). seeing the tangible impact, huntress researchers went to work recreating the proof-of-concept and assessing how this may affect our partners. we reached out to code white gmbh for further discussion and…"
T1190 Exploit Public-Facing Application
41%
"veeam backup & replication cve-2023-27532 response | huntress update 03/13/2023 2252 et: after taking further inventory of our partner's veeam service binary details to review the version number, we uncovered many more unpatched and vulnerable hosts. we are sending inc…"

Summary

We cover CVE-2023-27532, a vulnerability in the Veeam Backup & Replication component that allowed an unauthenticated user to retrieve host credentials.