CVE-2020-10914
CVE-2020-10914
In short
A remote attacker can execute arbitrary code on VEEAM One Agent 9.5.4.4587 without authentication by sending specially crafted data that bypasses validation and causes unsafe deserialization. This allows complete compromise of the affected system.
Technical detail
The PerformHandshake method in VEEAM One Agent 9.5.4.4587 fails to validate user-supplied input before deserializing it, enabling unauthenticated remote code execution (RCE) with service account privileges. The attack vector is network-based with no authentication requirement; exploitation results in arbitrary code execution in the service context.
Summary generated and translated by AI from the official description.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10400.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
VEEAM · One Agentpublic PoCs found — 1
cve_referencepacketstormsecurity.com/files/157529/Veeam-ONE-Agent-.NET-Deserialization.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →