- Nakivo patched a high-severity flaw in November 2024
- CISA has now added it to KEV, signaling exploitation in the wild
- The bug is an absolute path traversal that exposes files and can lead to remote code execution
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a Nakivo bug to its Known Exploited Vulnerabilities (KEV) catalog, signaling abuse in the wild and giving federal agencies a deadline to apply the available patch.
The bug is tracked as CVE-2024-48248. It is an absolute path traversal vulnerability affecting Backup & Replication in versions before 11.0.0.88174.
It carries a severity score of 8.6/10 (high). The flaw itself lets an attacker read files on the appliance; because those files include configuration and credentials, it can lead to remote code execution on the vulnerable installation.
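The class of bug described above, absolute path traversal (CWE-36), comes from joining an attacker-controlled path onto a base directory without checking the result. The following is an added, generic illustration and is not Nakivo's code or the actual vulnerable endpoint: the function names `read_image_vulnerable` and `read_image_hardened`, the sandbox directory and the files in it are all constructed for this example. It shows why `os.path.join` silently discards the base directory when the supplied path is absolute, and one hardening pattern a practitioner would use.

```python
import os
import tempfile

# Constructed sandbox (not a real product layout): an "images" directory the
# handler is allowed to serve, plus a file outside it standing in for a
# sensitive configuration file that should never be reachable.
_root = tempfile.mkdtemp()
IMAGE_DIR = os.path.join(_root, "images")
os.makedirs(IMAGE_DIR)
with open(os.path.join(IMAGE_DIR, "logo.png"), "wb") as _f:
    _f.write(b"PNGDATA")
SECRET_FILE = os.path.join(_root, "secret.conf")
with open(SECRET_FILE, "w") as _f:
    _f.write("db_password=hunter2\n")  # constructed sample secret


def read_image_vulnerable(path: str) -> bytes:
    """Vulnerable pattern (CWE-36): os.path.join drops IMAGE_DIR entirely
    when `path` is absolute, so "/etc/passwd" or an absolute path to a
    config file is read verbatim."""
    with open(os.path.join(IMAGE_DIR, path), "rb") as fh:
        return fh.read()


def read_image_hardened(path: str) -> bytes:
    """Hardened pattern: reject absolute input, canonicalise the joined
    path (collapsing ".." and symlinks) and require it to stay under the
    canonical base directory."""
    if os.path.isabs(path):
        raise PermissionError("absolute paths are not allowed")
    base = os.path.realpath(IMAGE_DIR)
    candidate = os.path.realpath(os.path.join(base, path))
    # commonpath on the canonical forms defeats both "../" and symlink escapes.
    if os.path.commonpath([base, candidate]) != base:
        raise PermissionError("path escapes the image directory")
    with open(candidate, "rb") as fh:
        return fh.read()


def is_rejected(reader, path: str) -> bool:
    """True if `reader` refuses `path`, False if it hands the bytes back."""
    try:
        reader(path)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable, legit:", read_image_vulnerable("logo.png"))
    print("vulnerable, absolute:", read_image_vulnerable(SECRET_FILE))
    print("hardened, legit:", read_image_hardened("logo.png"))
    print("hardened rejects absolute:", is_rejected(read_image_hardened, SECRET_FILE))
    print("hardened rejects dot-dot:", is_rejected(read_image_hardened, "../secret.conf"))
```

The check is done on `os.path.realpath` output for both sides so that a symlink inside the served directory pointing elsewhere is also caught; a prefix check on the raw string (`candidate.startswith(IMAGE_DIR)`) is the common mistake, since it passes `/srv/images_private/...` for a base of `/srv/images`.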
CISA's deadline
The bug was patched in November 2024, two months after it was discovered by watchTowr Labs.
"Exploitation of this vulnerability could expose sensitive data, including configuration files, backups and credentials, potentially leading to data breaches or further security compromises," Nakivo said in its security advisory.
Although the advisory does not mention exploitation in the wild, CISA removed any doubt when it added the bug to the KEV catalog. Federal Civilian Executive Branch (FCEB) agencies now have three weeks (until April 9) to apply the patch or stop using the Nakivo product altogether.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA said.
While FCEB agencies are bound by Binding Operational Directive (BOD) 22-01, private companies are not. It would still be wise to follow CISA's lead and apply the patch, particularly since cybercriminals are actively exploiting the bug.
Nakivo is a US-based company specializing in backup, ransomware protection and disaster recovery for virtual, physical, cloud and SaaS environments.
Backup & Replication is its flagship product, supporting platforms such as VMware vSphere, Hyper-V, Nutanix AHV, Amazon AWS EC2, Microsoft Azure, Wasabi, Backblaze B2, Microsoft 365 and various NAS devices.
According to some reports, the company has 25,000 customers in 183 countries and a network of more than 7,500 partners worldwide. Its customers include Honda, Cisco, Coca-Cola and Siemens, and its clientele spans several industries, including IT, hospitality, government and education.
Via BleepingComputer