VanRoey Logo
Search
VanRoey Logo
menu
Header image overlay

Veeam Service Provider Console CVEs

Our support will regularly inform you of important events here.

These CVEs let attackers remotely execute code on the VSPC server from an authorised management agent machine. Data can also be deleted or stolen... So, with scores of 9.9 and 7.1, these are definitely serious!

Veeam Service Provider Console CVEs

Veeam Pro Partner | VanRoey.beCVE-2024-42448

makes it possible for an attacker to remotely execute code on the VSPC server from an authorised management agent machine. This means that an attacker can gain full control over the server, which can lead to serious security problems. The severity of this vulnerability has been rated as critical, with a CVSS score of 9.9.

CVE-2024-42449

This vulnerability allows an attacker to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server, also from an authorised management agent machine. This could lead to data leakage and loss of important data. The severity of this vulnerability is high, with a CVSS score of 7.1.

Risks

If you do not take action, with CVE-2024-42448, attackers can execute arbitrary code on your server. With CVE-2024-42449, attackers can steal sensitive information and delete files, which can lead to data breaches and loss of critical data.

Take action

The only solution to both vulnerabilities is to update to the latest version of Veeam Service Provider Console, version 8.1.0.21999.
Existing VanRoey 'Private Cloud' customers or customers using our console have/had nothing to fear anyway as this environment is already extra strictly secured from external access. This console will also be upgraded in a planned maintenance session in the near future, which means that the necessary security patches will be applied immediately.

No other mitigations are available, so it is essential to implement this update as soon as possible to protect your systems. Of course, we can arrange this for you.

Not a customer yet? Feel free to contact us via support@vanroey.be or count: 014 470 600. As an existing, non-managed customer, you can also have a create a ticket.

Can't create tickets? Ask here to get an account. If our Engineer needs to remotely control your PC, he or she will ask you to run this software .

Download 'remote assistance'

Let our experts guide you

Like thousands of organisations, rely on our knowledge & experience to work out your ideal network, data centre, IT security, CRM / ERP, meeting rooms or digital workplace...

Ask your question
Frame21 Logo
"As CEO of a coworking space, you obviously don't want visitors or permanent residents to be unable to start their meetings on time because of infrastructure problems."
Stéphanie Beyens - CEO Frame 21
Stéphanie Beyens CEO at Frame21
Read Case!
Transparency
"The need for a good ERP system was growing, especially as we were running up against the limits of Excel. The VanRoey cloud-based ERP system, based on Microsoft Business Central and Dynamics 365 CRM, proved to be the perfect match."
Dirk Evenepoel Co-manager BATO
Read Case!
NMBS Logo
"We will get calls from all over Belgium to support people. Then it is ideal to have central management platforms. This allows us to configure or solve almost everything remotely."
Filip d'Haenens
Filip D'Haenens Sr. Architect at YPTO (IT company SNCB)
Read Case!
Indupol logo | VanRoey.be
"We now have one totally integrated package that (new) employees can quickly find their way around. Everything runs centrally from sales order to production, purchasing, accounting and all figures end up in clear reporting."
Bram Van Baelen, Indupol | VanRoey.be
Bram Van Baelen Indupol
Read Case!
Transparency
Alides Logo | VanRoey.be
"The great added value of VanRoey's integrated solution lies in the faster and more mobile availability of information. Moreover, they can be confident that the data they see is correct and up to date."
Thomas de Moor
Thomas De Moor Financial Controller, Alides
Read Case!
Transparency
"The result is a much better running IT infrastructure that is monitored and supported 24/7 by the people of VanRoey. Today we have far fewer problems and employees in other time zones are also assured of solid IT services!"
Guido Peeters IT Manager Biobest
Read Case!
Transparency

Newsletter  | Linkedin

LinkedIn Spotify Instagram Facebook-f Youtube Newspaper

PartnershipsSatisfaction surveyConditionsPrivacy & cookiesCSR/ESG Policy

  BC-Certified-logo_ISO-27001

Our Solutions

Managed IT Services
Security audit
Expertise Services

IT Security Strategy
Train Your Staff (Awareness)
Network Security
Firewalls
Antivirus
Endpoint Defence & Response (EDR)
Cybersecurity for Government (Smals)
Smart AI camera surveillance

VanRoey Private Cloud (IaaS)
Servers & Storage
Apps & device management
Backup Solutions
Networking & Wifi
Internet line & IP VPN
Azure Cloud Solutions
AI-powered CCTV

Copilot AI
Microsoft 365 / Office 365
Microsoft Teams
Microsoft SharePoint
CTOUCH Touchscreens
HP Business Notebooks
Dell XPS & Latitudes
Professional Printers

ERP & CRM With Dynamics 365
Power Platform
Dynamics 365 Real Estate

Events

Training

Inspiration Centre

Jobs

About

ESG

Kempus

Customer Area

Contact