CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software.
Tracked as CVE-2024-48248, this absolute path traversal flaw can be exploited by unauthenticated attackers to read arbitrary files on vulnerable devices.
The US-based backup and ransomware recovery software vendor silently patched the security flaw with the release of Backup & Replication v11.0.0.88174 in November, almost two months after being notified of the issue by cybersecurity company watchTowr, which discovered the vulnerability.
"Exploiting this vulnerability could expose sensitive data, including configuration files, backups, and credentials, potentially leading to data breaches or further security compromises," NAKIVO explains.
"The possibilities are extensive depending on what's been integrated, and goes beyond merely stealing backups — to essentially unlocking entire infrastructure environments," watchTowr added.
In February, watchTowr also released a CVE-2024-48248 proof-of-concept described as a "detection artifact generator" that can also serve as "an unofficial NAKIVO customer support tool."
While NAKIVO didn't mark the vulnerability as actively exploited in a security advisory last updated on March 6th, the company still advises customers to check the system logs for signs of "unauthorized access attempts" and "unexpected file access activities."
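To make the two points above concrete, here is an added example (not NAKIVO's or watchTowr's code) showing why an absolute path traversal bug lets an unauthenticated request read arbitrary files, the resolver check that closes that class of bug, and a first-pass scan of access logs for the "unexpected file access" the vendor advises looking for. The base directory, the `/api/files` endpoint, the `name` parameter and the log lines are all constructed for illustration and are not NAKIVO's real paths, endpoints or log format.

```python
import os
import re

# Constructed values for this example; not NAKIVO's real paths or endpoints.
BASE_DIR = "/srv/backup-app/files"

def resolve_unsafe(base, user_path):
    """Vulnerable pattern: os.path.join drops `base` when `user_path` is absolute."""
    return os.path.join(base, user_path)

def resolve_safe(base, user_path):
    """Hardened: refuse absolute input and keep the resolved path under `base`."""
    if os.path.isabs(user_path):
        raise ValueError("absolute paths are not allowed")
    root = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("path escapes the base directory")
    return candidate

def is_allowed(base, user_path):
    """Boolean form of resolve_safe, convenient for policy checks."""
    try:
        resolve_safe(base, user_path)
        return True
    except ValueError:
        return False

# Detection: a parameter value starting with '/' (or '%2F'), or any dot-dot
# segment, plain or URL-encoded, deserves a closer look in the access logs.
ABS_PARAM = re.compile(r"(?i)[?&][^=&]+=(?:/|%2f)")
DOTDOT = re.compile(r"(?i)(?:\.\.|%2e%2e)(?:/|\\|%2f|%5c)")
REQUEST = re.compile(r'"(?:GET|POST) (\S+)')

def scan_log(lines):
    """Return request targets from access-log lines that look like traversal."""
    hits = []
    for line in lines:
        m = REQUEST.search(line)
        if m and (ABS_PARAM.search(m.group(1)) or DOTDOT.search(m.group(1))):
            hits.append(m.group(1))
    return hits

# Constructed access-log lines (Combined Log Format style); the endpoint and
# parameter name are invented for illustration.
LOG_LINES = [
    '203.0.113.7 - - [20/Mar/2025:10:01:02 +0000] "GET /api/files?name=daily.bak HTTP/1.1" 200 512',
    '203.0.113.9 - - [20/Mar/2025:10:01:05 +0000] "GET /api/files?name=/etc/passwd HTTP/1.1" 200 1437',
    '198.51.100.4 - - [20/Mar/2025:10:02:11 +0000] "GET /api/files?name=..%2F..%2Fconfig.xml HTTP/1.1" 404 0',
]
```

A 200 status on a flagged request, as in the second constructed line, is the case worth escalating; a 404 on the third suggests the attempt failed but still records who probed the endpoint.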
Tagged as actively exploited in attacks
Today, CISA added CVE-2024-48248 to its Known Exploited Vulnerabilities catalog, which lists security bugs flagged by the cybersecurity agency as exploited in the wild.
Federal Civilian Executive Branch (FCEB) agencies now have three weeks, until April 9th, to secure their systems against attacks, as mandated by the Binding Operational Directive (BOD) 22-01 issued in November 2021.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA said.
While BOD 22-01 only applies to federal agencies, all organizations are advised to prioritize patching this vulnerability as soon as possible to block ongoing attacks.
NAKIVO has a network of over 8,000 partners worldwide and over 30,000 active customers in 183 countries, including high-profile companies like Honda, Cisco, Coca-Cola, and Siemens.