VTS24-012
Security Advisory affecting NetBackup on Windows
Revision History
- 1.0: November 4, 2024: Initial version
- 2.0: November 26, 2024: Additional hotfixes added
- 3.0: December 04, 2024: CVE ID added
Issue: Privilege escalation vulnerability in NetBackup on Windows
Veritas NetBackup primary server, media server, and clients running on Windows OS are vulnerable to an attack that could be used to escalate privileges.
This attack requires the attacker to have write access to the root drive where NetBackup is installed, allowing them to install a malicious DLL. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, the malicious DLL could be loaded, resulting in execution of the attacker’s code in the user’s security context.
Note: This only applies to NetBackup components running on a Windows Operating System.
CVE ID: CVE-2024-52945
Severity: High
CVSS v3.1 Base Score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CWE-427 – Uncontrolled Search Path Element
Affected Components: NetBackup Client, Primary Server and Media Server Components
Affected Versions: 10.4.0.1, 10.4, 10.3.0.1, 10.3, 10.2.0.1, 10.2, 10.1.1, 10.1, 10.0.0.1, and 10.0. Older unsupported versions may also be affected.
Recommended Action:
- Upgrade to NetBackup Version 10.5 or
- Upgrade to NetBackup Version 10.4.0.1 and apply hotfix from the download center
- Upgrade to NetBackup Version 10.3.0.1 and apply hotfix from the download center
- Upgrade to NetBackup Version 10.2.0.1 and apply hotfix from the download center for clients. For primary and media server, use the Alternate Mitigation steps listed below.
- Upgrade to NetBackup Version 10.1.1 and apply hotfix from the download center for clients. For primary and media server, use the Alternate Mitigation steps listed below.
Alternate Mitigation:
1. Create a directory named “bin” under the root drive where NetBackup is installed. If this directory pre-exists, proceed to Step 2.
- Example: C:\bin (If NetBackup is installed at C:\ drive)
2. Restrict this newly created directory to administrative users only.
Questions
For questions or problems regarding these vulnerabilities please contact Veritas Technical Support (https://www.veritas.com/support/en_US/contact-us)
Disclaimer
THE SECURITY ADVISORY IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
Veritas Technologies LLC
2625 Augustine Drive
Santa Clara, CA 95054