A quick scan on the popular leak search site LeakIX, at the time of publishing this article, revealed more than a million (1186722) possible VSPC-related incidents on the Internet, almost half of which are in the US and Germany alone.
The vulnerability affects VSPC versions 8.1.0.21377 and earlier (8 and builds), and is fixed in update 8.1.0.21999. “Unsupported product types are not tested, but may be affected and should be considered vulnerable,” the company wrote.
Another error with high severity has been detected
Along with the critical RCE bug, Veeam issued warnings of another critical vulnerability, tracked as CVE-2024-42449, which allowed attackers to perform unauthorized deletion of VSPC server files.
Source link