Veritas Enterprise Vault (NET Remoting Deserialization), Remote Code Execution, CVE-2024-53915 (Critical)

2024-11-30

:

A critical vulnerability (CVE-2024-53915) exists in Veritas Enterprise Vault servers before version 15.2. This vulnerability allows remote attackers to execute arbitrary code on the system due to insecure deserialization of untrusted data received on a .NET Remoting TCP port.

Vulnerability Details:

Platform: Veritas Enterprise Vault
Version: Before 15.2
Vulnerability: Remote Code Execution (RCE)
Severity: Critical (CVSS 3.x score: 9.8)
Date: November 24, 2024 (Published), November 29, 2024 (Last Modified)

What Undercode Says:

This vulnerability is critical and allows attackers to take complete control of the affected system. Veritas users should update their Enterprise Vault servers to version 15.2 or later as soon as possible. Additionally, implementing network segmentation and access controls can help mitigate the risk of exploitation.

Please note: This information is for educational purposes only. We do not recommend attempting to exploit this vulnerability.

References:

Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image

Scroll to Top