CVE-2020-10915
CVE-2020-10915
In short
A flaw in VEEAM One Agent allows attackers to run malicious code remotely without needing to log in. The vulnerability exists in how the software processes incoming data without properly checking if it's trustworthy, making it easy for attackers to take control of the system.
Technical detail
The HandshakeResult method in VEEAM One Agent 9.5.4.4587 lacks input validation on deserialization of untrusted data, allowing unauthenticated remote code execution. An attacker can craft malicious serialized objects and send them to the vulnerable endpoint to achieve arbitrary code execution with service account privileges.
Summary generated and translated by AI from the official description.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10401.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
VEEAM · One Agentpublic PoCs found — 2
githubgithub.com/Cinnamon1212/Modified-CVE-2020-10915-MsfModule★ 0cve_referencepacketstormsecurity.com/files/157529/Veeam-ONE-Agent-.NET-Deserialization.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →