A fast scan on the favored leak search platform LeakIX, on the time of publishing this text, revealed over 1,000,000 (1186722) doubtlessly affected VSPC cases on the web, with about half of them within the US and Germany alone.
The vulnerability impacts VSPC variations 8.1.0.21377 and earlier (8 and & builds), and has been mounted inside the 8.1.0.21999 replace. “Unsupported product variations are usually not examined, however are possible affected and must be thought of weak,” the corporate wrote.
One other high-severity bug discovered
Together with the important RCE bug, Veeam issued alerts for an additional high-severity flaw, tracked as CVE-2024-42449, which allowed attackers to carry out unauthorized deletion of VSPC server recordsdata.