CVE-2024-42448
This vulnerability makes it possible for an attacker to remotely execute code on the VSPC server from an authorised management agent machine. This means that an attacker can gain full control over the server, which can lead to serious security problems. The severity of this vulnerability has been rated as critical, with a CVSS score of 9.9.
CVE-2024-42449
This vulnerability allows an attacker to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server, also from an authorised management agent machine. This could lead to data leakage and loss of important data. The severity of this vulnerability is high, with a CVSS score of 7.1.
Risks
If you do not take action, with CVE-2024-42448, attackers can execute arbitrary code on your server. With CVE-2024-42449, attackers can steal sensitive information and delete files, which can lead to data breaches and loss of critical data.
Take action
The only solution to both vulnerabilities is to update to the latest version of Veeam Service Provider Console, version 8.1.0.21999.
Existing VanRoey 'Private Cloud' customers or customers using our console have/had nothing to fear anyway as this environment is already extra strictly secured from external access. This console will also be upgraded in a planned maintenance session in the near future, which means that the necessary security patches will be applied immediately.
No other mitigations are available, so it is essential to implement this update as soon as possible to protect your systems. Of course, we can arrange this for you.
Not a customer yet? Feel free to contact us via support@vanroey.be or by phone on 014 470 600. As an existing, non-managed customer, you can also create a ticket.
A critical vulnerability has been discovered in FortiManager, Fortinet's central management platform used to manage the configuration, security policies and updates of Fortinet devices (e.g. FortiGate firewalls). This CVE could allow attackers to gain unauthorised access to sensitive systems if not patched.
Take action
What should you do?
- This vulnerability was patched in subsequent versions:

| Version | Affected | Solution |
| --- | --- | --- |
| FortiOS 7.4 | 7.4.0 to 7.4.1 | Upgrade to 7.4.2 or higher |
| FortiOS 7.2 | 7.2.0 to 7.2.7 | Upgrade to 7.2.8 or higher |
| FortiOS 7.0 | 7.0 all versions | Migrate to a version that has been patched |
| FortiOS 6.4 | 6.4 all versions | Migrate to a version that has been patched |

- If this is not a possibility for the time being, temporarily turning off your FortiManager is an alternative security measure. This has no impact on the operation of e.g. your firewalls.
What does VanRoey do?
- Our Managed Services customers can rest assured that we are in the process of applying the above patches or have already done so.
Are you not a Managed Services customer and need support to fix this important vulnerability? Please do not hesitate to contact our Support Service.
A new vulnerability (CVE) has been discovered in Veeam Backup & Replication versions older than v12.1.2.172. This means that all versions below this version should be patched.
Take action
If you use our Full Managed services, you don't need to worry. Our team will securely provide your environment with the right updates.
Are you not a Managed Services customer and need help with this important update? Then don't hesitate to contact our specialists!
VMware has fixed 2 critical vulnerabilities (CVE-2024-37079 + CVE-2024-37080) impacting vCenter Server versions 7.0 & 8.0, as well as Cloud Foundation versions 4.x & 5.x.
A hacker with network access to the vCenter Server could exploit this vulnerability by sending a specially crafted network packet, which might lead to remote code execution. For now, Broadcom has not received any reports of this vulnerability being exploited.
Both CVEs are 'heap-overflow' vulnerabilities in the implementation of the DCE/RPC protocol. They have high risk scores because the attacks can be performed remotely without any user interaction.
Take action
So upgrading/patching is a must. Temporarily, you could also restrict access via advanced firewall configurations to minimise possible attack attempts.
Customers who use our Managed Services are safe. They have since been patched or are being patched by appointment.
The impact of the upgrade is that vCenter needs to be restarted, which leaves (only) vCenter unreachable for up to one hour.
Feel free to contact us to fix this problem for you. You can do this by e-mail at support@vanroey.be or by phone on 014 470 600. You can also create a ticket.
Fortinet has released important security updates for FortiOS firmware versions 6.0, 6.2, 6.4, 7.0, 7.2, 7.4 and 7.6.
These updates fix an out-of-bounds write vulnerability. You can find more info on this vulnerability at this link.
Take action
The above vulnerability is very critical (CVSS score = 9.8) and therefore immediate action is required!
We noticed this remarkable number of updates being made available yesterday and have proactively anticipated this. So if you have a service contract, you have already been contacted and/or the necessary patches are being rolled out. This further ensures the security of your IT environment.
Don't have a service contract and would like to call on our experts to update your firewall(s)? Then contact us via the info below.
VMware has addressed vulnerabilities in vCenter Server. These vulnerabilities were announced under CVE-2023-34048 and CVE-2023-34056. A similar vulnerability was also fixed earlier this year.
A malicious person with network access to vCenter Server could potentially exploit this problem to execute arbitrary code on the underlying operating system.
Take action
The severity of this vulnerability is high (CVSS score = 9.8), which means action is required. We recommend that you upgrade vCenter to version 7.0U3o or 8.0U1d. This upgrade will not cause any disruption to your environment and can be performed during business hours.
Given the urgency of the situation, we are implementing these upgrades proactively at our Managed Services clients.
Do you have questions about this or do you, as a non-Managed Services customer, still want support? Please do not hesitate to contact us: support@vanroey.be.
Alerts in your mailbox?
Would you like to be notified by e-mail in case of future Security Alerts?