Vulnerability Details : CVE-2020-10914
Public exploit exists!
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10400.
Vulnerability category: Execute code
Products affected by CVE-2020-10914
- cpe:2.3:a:veeam:one:9.5.4.4587:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-10914
60.93%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-10914
-
Veeam ONE Agent .NET Deserialization
Disclosure Date: 2020-04-15First seen: 2020-05-14exploit/windows/misc/veeam_one_agent_deserializationThis module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before the hotfix versions 9.5.5.4587 and 10.0.1.750 in the 9 and 10 release lines. Specifically, the module targets the HandshakeResult() method used by the Agent. By
CVSS scores for CVE-2020-10914
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
Zero Day Initiative | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-10914
-
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.Assigned by:
- nvd@nist.gov (Primary)
- zdi-disclosures@trendmicro.com (Secondary)
References for CVE-2020-10914
-
https://www.zerodayinitiative.com/advisories/ZDI-20-545/
ZDI-20-545 | Zero Day InitiativeThird Party Advisory;VDB Entry
-
https://www.veeam.com/kb3144
KB3144: Veeam ONE Remote Code Execution VulnerabilitiesVendor Advisory
-
http://packetstormsecurity.com/files/157529/Veeam-ONE-Agent-.NET-Deserialization.html
Veeam ONE Agent .NET Deserialization ≈ Packet Storm
Jump to