ush.it - a beautiful place

Veeam Backup & Replication Local Privilege Escalation Vulnerability

October 8, 2015 at 5:02 pm - Filed under Hacks - 1737 words, reading time ~5 minutes - Permalink - Comments

Pasquale "sid" Fiorillo found a critical vulnerability in Veeam Backup & Replication version 6, 7 and 8. At the time of writing this impact a very large of updated and outdated/legacy Veeam deployments. The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments.

THP USH Wisec DigitalBullets