I’ve Got Your Back…..up!

Share This Post

CISA is alerting that Veeam versions 9.5, 10, and 11 contain 2 critical vulnerabilities that are actively being exploited in the wild. The two vulnerabilities, listed as CVE-2022-26500 and CVE-2022-26501, are both rated 9.8 on the CVSS scoring system and can be leveraged to gain control of a system. Veeam released advisories for these in March 2022 and has since released patches for both vulnerabilities, as long as you are on versions 10 or 11. If you are on version 9.5 the only fix is to upgrade to a supported version, then patch to version 10a or 11a.

The vulnerabilities are a result of the Veeam Distribution Service allowing unauthenticated users to access internal API functions. This would allow a remote attacker to send input to the service leading to uploading and executing malicious code.

As always, perform a threat-hunt to ensure that you’ve not been compromised, a patch does not fix a past compromise where an attacker left persistence mechanisms behind.

Link to CISA alert https://thehackernews.com/2022/12/cisa-alert-veeam-backup-and-replication.html

Link to Veeam advisories including links to patches https://www.veeam.com/kb4288



Reach out to our incident response team for help

More To Explore

Information Security News – 07/06/26

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation Article Link: https://thehackernews.com/2026/07/sharepoint-rce-cve-2026-45659-added-to.html ‘Djinn’ Stealer Targets Cloud, AI Credentials Article Link: https://www.darkreading.com/cyberattacks-data-breaches/djinn-stealer-targets-cloud-ai-credentials ChocoPoC Malware Targets

Information Security News – 6/29/26

SimpleHelp Bug Lets Hackers Create Rogue Remote Support Accounts Article Link: https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/ New macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer Article Link: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.