NVD disclosure day

Published threat advisories for March 17, 2022

CVE advisoryKnown Exploit

CVE-2022-26501

Veeam Backup & Replication Unauthorized Access Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A flaw in Veeam Backup & Replication allows unauthorized access to internal functions, potentially leading to malicious code execution. This could impact system security and data integrity. The realistic business risk involves unauthorized access and compromise of backup data.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2022-26500

Veeam Backup & Replication Vulnerability Allows Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A flaw in Veeam Backup & Replication allows authenticated users to access internal functions, enabling attackers to upload and execute arbitrary code. This poses a risk of unauthorized system control and potential business disruption. The vulnerability is listed in the CISA Known Exploited Vulnerabilities catalog.

NVD published: • CISA KEV