CyberSecurity news


Sam Bent
CISA has issued a warning to U.S. federal agencies regarding a critical vulnerability, CVE-2024-48248, in NAKIVO's Backup & Replication software. This flaw, an absolute path traversal bug, could allow attackers to access sensitive files, potentially compromising configuration files, backups, and credentials. CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Agencies are urged to apply necessary mitigations by April 9, 2025.

The vulnerability, affecting versions prior to 10.11.3.86570, was discovered by watchTowr Labs, which also published a proof-of-concept exploit. Successful exploitation could allow an unauthenticated attacker to read arbitrary files on the target host via the "/c/router" endpoint. NAKIVO addressed the issue in November 2024 with version v11.0.0.88174. CISA's directive underscores the need for federal agencies to promptly patch the flaw to secure their networks against potential data exposure.
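Added, constructed example (not code from the article, NAKIVO, or watchTowr) of the bug class behind this advisory: absolute path traversal (CWE-36) succeeds when a file-serving handler simply joins a client-supplied path onto its base directory, because os.path.join discards the base as soon as the supplied component is absolute. The hardened resolver rejects absolute input, resolves the path, and confirms it still lies under the base. BASE_DIR and the sample requests are assumptions for the demonstration and have nothing to do with NAKIVO's request format.

```python
import os
from typing import Dict, Optional

BASE_DIR = "/srv/app/data"  # constructed base directory for the example


def naive_join(base: str, requested: str) -> str:
    """Pattern behind absolute-path-traversal bugs: os.path.join drops every
    earlier component when it meets an absolute one, so an absolute
    `requested` silently replaces the base directory."""
    return os.path.normpath(os.path.join(base, requested))


def resolve_within(base: str, requested: str) -> Optional[str]:
    """Hardened resolver: refuse absolute input, resolve the joined path
    (collapsing '..' and following symlinks), then confirm the result is
    still inside the real base directory. Returns None on escape."""
    if not requested or os.path.isabs(requested):
        return None
    real_base = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(real_base, requested))
    try:
        if os.path.commonpath([real_base, candidate]) != real_base:
            return None
    except ValueError:  # paths on different roots/drives cannot share a prefix
        return None
    return candidate


# Constructed requests a file-serving endpoint might receive -> expected verdict.
SAMPLES: Dict[str, bool] = {
    "reports/2025-03.txt": True,       # ordinary relative path
    "/etc/passwd": False,              # absolute path (CWE-36)
    "../../etc/shadow": False,         # relative traversal (CWE-23)
    "reports/../reports/x.txt": True,  # '..' that stays inside the base
    "": False,                         # empty request
}


def check_samples() -> Dict[str, bool]:
    """Run every sample through the hardened resolver; True means allowed."""
    return {req: resolve_within(BASE_DIR, req) is not None for req in SAMPLES}


if __name__ == "__main__":
    print("naive join of '/etc/passwd' ->", naive_join(BASE_DIR, "/etc/passwd"))
    for req, allowed in check_samples().items():
        print(f"{'allow' if allowed else 'reject':6} {req!r}")
```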



References:
  • Sam Bent: CISA Urges Federal Agencies to Patch NAKIVO Backup & Replication Flaw, Raising Security Concerns
  • www.bleepingcomputer.com: CISA tags NAKIVO backup flaw as actively exploited in attacks
Classification:
  • HashTags: #CISA #NAKIVO #Vulnerability
  • Company: Veeam
  • Target: U.S. Federal Agencies
  • Product: NAKIVO Backup & Replication
  • Feature: File paths
  • Malware: CVE-2024-48248
  • Type: Vulnerability
  • Severity: Critical