
Arctic Wolf Security Bulletin

Critical Vulnerabilities Patched in Veeam Products


On 4 September 2024, Veeam released a security bulletin announcing that they have fixed several vulnerabilities affecting various Veeam products. Arctic Wolf has highlighted five of these vulnerabilities, which are classified as critical.

| Vulnerability | CVSS | Affected Product | Description |
|---|---|---|---|
| CVE-2024-40711 | 9.8 | Veeam Backup and Replication | Enables an unauthenticated attacker to achieve remote code execution (RCE). |
| CVE-2024-42024 | 9.1 | Veeam ONE | Allows an attacker with Veeam ONE Agent service account credentials to achieve RCE on the machine where the Veeam ONE Agent is installed. |
| CVE-2024-42019 | 9.0 | Veeam ONE | An attacker can exploit this vulnerability to obtain the NTLM hash of the Veeam Reporter Service account, but it requires user interaction and data from Veeam Backup & Replication. |
| CVE-2024-38650 | 9.9 | Veeam Service Provider Console | A vulnerability that allows access to the NTLM hash of a service account on the VSPC server by a low-privileged attacker. |
| CVE-2024-39714 | 9.9 | Veeam Service Provider Console | Enables RCE on the VSPC server by permitting a low-privileged user to upload arbitrary files to the server. |

Arctic Wolf has not observed any exploitation of these vulnerabilities in the wild and has not identified any publicly available proof of concept (PoC) exploit code. Veeam Backup & Replication, in particular, has been a frequent target for ransomware groups due to its critical role in backup and recovery. Given this historical targeting, threat actors may try to reverse engineer the patches and develop exploits to take advantage of these vulnerabilities in the near future.

Recommendation

Upgrade to Latest Fixed Version

Arctic Wolf strongly recommends that customers upgrade to the latest fixed version.

| Product | Affected Version | Fixed Version |
|---|---|---|
| Veeam Backup and Replication | 12.1.2.172 and all . | |
| Veeam ONE | 12.1.0.3208 and | |
| Veeam Service Provider Console | 8.0.0.19552 and all . | |

Please follow your organisation’s patching and testing guidelines to avoid any operational impact.
