Описание
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services
Ссылки
- Vendor Advisory
Уязвимые конфигурации
EPSS
7 High
CVSS3
Дефекты
Связанные уязвимости
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services
Уязвимость средства резервного копирования данных Veeam Agent for Microsoft Windows, связанная с использованием ненадёжного пути поиска, позволяющая нарушителю выполнить произвольный код
EPSS
7 High
CVSS3