CVE-2024-45207

high

Veeam

CVSS v3 Base Score

7.0

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Characteristics

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Confidentiality

High

Integrity

High

Availability

High

Published: December 4, 2024 (526 days ago)

Last Modified: July 2, 2025

Vendor: Veeam

Source: NVD

Description

DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services

References

🔗 www.veeam.com

CVE-2024-45207

Vulnerability Report

Description

References