CVE-2024-42024

HIGH

Veeam One < 12.2.0.4093 - Remote Code Execution

Title source: rule

Description

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed.

References (1)

[Vendor Advisory] https://www.veeam.com/kb4649

Scores

CVSS v3 8.8

EPSS 0.0431

EPSS Percentile 88.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-250

Status published

Products (1)

veeam/one 12.0.0.2498 - 12.2.0.4093

Published Sep 07, 2024

Tracked Since Feb 18, 2026