<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog.</li><li>Ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.</li><li>Veeam released security updates in September 2024 to address multiple vulnerabilities impacting its products, including the critical remote code execution vulnerability CVE-2024-40711.</li><li>CISA orders federal agencies to fix this vulnerability by November 7, 2024.</li></ul>

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Discover more