Vulnerability Details CVE-2024-45207
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.8%
CVSS Severity
CVSS v3 Score 7.0
References
Products affected by CVE-2024-45207
-
cpe:2.3:a:veeam:veeam_agent_for_windows:*