
Veeam Agent Vulnerability: Fix Veeam Agent vulnerability for Microsoft Windows 

Veeam Agent

Veeam Agent for Microsoft Windows is a data protection and disaster recovery solution for physical and virtual machines. It safeguards a range of computers and devices, including desktops, laptops, and tablets. If you run Veeam Backup & Replication Server version 9.5, 10, or 11, refer to this link for the fix to the reported CVE-2022-26500 and CVE-2022-26501 vulnerabilities. Kindly refer to these related guides: Veeam Certified Architect: A review of the VMCA Training & Certification, Standalone Veeam ONE installation: How to set up Veeam ONE 11 Server, How to uninstall Veeam Backup and Replication from your server, and Azure Backup and Recovery: How to set up Veeam Backup for Microsoft Azure [Part 1].

A vulnerability (CVE-2022-26503) in Veeam Agent for Microsoft Windows allows local privilege escalation. An attacker who successfully exploits it can run arbitrary code with LOCAL SYSTEM privileges. Veeam rates it High severity, with a CVSS v3 score of 7.8. For a detailed list of all Veeam guides, please visit the following link.

Cause

Veeam Agent for Microsoft Windows uses Microsoft .NET data serialization mechanisms. A local user can send crafted serialized data to Veeam Agent's network port (default TCP 9395), which the agent service deserializes improperly; that is how a local user's access becomes code execution with LOCAL SYSTEM privileges.

Note: Unlike the critical Veeam Backup & Replication vulnerabilities, there is no workaround for this Veeam Agent vulnerability; the only fix is to upgrade. Plan a maintenance window to upgrade the affected Veeam Agent clients.

Solution

This vulnerability is fixed in the following Veeam Agent for Microsoft Windows patched releases:

  • Veeam Agent for Microsoft Windows 5 (build 5.0.3.4708)
  • Veeam Agent for Microsoft Windows 4 (build 4.0.2.2208)

Take note of the following guidance from Veeam on remediating your Veeam Agents:

  • Standalone Veeam Agent instances (machines not managed by Veeam Backup & Replication): install the patched release manually on each machine.
  • Veeam Agents managed by Veeam Backup & Replication: first install the cumulative Veeam Backup & Replication patches, ideally the remediated VBR version that also fixes the new critical vulnerabilities, then upgrade the Veeam Agents from the Veeam Backup & Replication Console. If the "auto-update backup agent" setting is enabled, the Agents upgrade automatically.
  • Versions of Veeam Agent for Microsoft Windows older than 4: upgrade to a supported version, since no patched build is provided for those branches.
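Before scheduling the maintenance window it helps to know which hosts are actually affected. The script below is an added example for triaging a single Windows host, not Veeam's own tooling: it reads the installed Veeam Agent for Microsoft Windows build from the standard Uninstall registry keys, compares it against the patched builds listed above, and checks whether the agent's listener on TCP 9395 (the attack path described under Cause) is open. It assumes the product registers with a DisplayName beginning "Veeam Agent for Microsoft Windows" and a DisplayVersion in full four-part build form, and that the default port has not been changed; the function names are my own. Run it in an elevated PowerShell session on the host being checked.

```powershell
# Added example (not Veeam's code): triage a host for CVE-2022-26503.
# Assumptions: Uninstall-key DisplayName starts with "Veeam Agent for Microsoft Windows",
# DisplayVersion is a four-part build (e.g. 5.0.3.4708), default port 9395 is in use.

# Patched builds from the advisory, keyed by major version branch.
$FixedBuilds = @{
    5 = [version]'5.0.3.4708'
    4 = [version]'4.0.2.2208'
}

function Get-VeeamAgentCve202226503Status {
    # Returns 'Patched', 'Vulnerable' or 'Unsupported-UpgradeRequired' for a build string.
    param([Parameter(Mandatory)][string]$InstalledVersion)

    $v = [version]$InstalledVersion
    if (-not $FixedBuilds.ContainsKey($v.Major)) {
        # Branches before 4 received no patched build; the remediation is an upgrade.
        if ($v.Major -lt 4) { return 'Unsupported-UpgradeRequired' }
        # Branches newer than those in the advisory shipped after the fix (assumption).
        return 'Patched'
    }
    if ($v -ge $FixedBuilds[$v.Major]) { return 'Patched' }
    return 'Vulnerable'
}

function Get-InstalledVeeamAgentVersion {
    # Look in both the 64-bit and 32-bit Uninstall hives.
    $paths = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Veeam Agent for Microsoft Windows*' } |
        Select-Object -First 1 -ExpandProperty DisplayVersion
}

$installed = Get-InstalledVeeamAgentVersion
if (-not $installed) {
    Write-Output 'Veeam Agent for Microsoft Windows is not installed on this host.'
} else {
    $status = Get-VeeamAgentCve202226503Status -InstalledVersion $installed
    Write-Output "Installed build: $installed -> $status"

    # Exposure check: the vulnerable input path is the agent's listener on TCP 9395.
    $listener = Get-NetTCPConnection -LocalPort 9395 -State Listen -ErrorAction SilentlyContinue
    if ($listener) {
        $owner = $listener[0].OwningProcess
        $proc  = Get-Process -Id $owner -ErrorAction SilentlyContinue
        Write-Output "TCP 9395 is listening (PID $owner, $($proc.ProcessName))"
    } else {
        Write-Output 'TCP 9395 is not listening (agent service stopped or port changed).'
    }
}
```

For fleet-wide triage, run the same check through Invoke-Command against your host list and collect the status column; any host reporting Vulnerable or Unsupported-UpgradeRequired goes into the upgrade window. A host whose build reads Patched but still shows an unexpected process owning TCP 9395 deserves a second look, since the port check only tells you something is listening, not what.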

I trust you found this blog post beneficial. If you have any questions, kindly share them in the comment section.
