CVE-2024-40711

9.8CRITICAL

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

发布于: 9/7/2024更新于: 10/30/2025
在NVD查看在MITRE查看

CISA已知被利用漏洞

Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.

所需操作:

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

截止日期:

2024-11-07

已知勒索软件使用

描述

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

AI分析AI驱动

受影响产品

veeamveeam_backup_\&_replication

参考资料