Vulnerability cyber

NAKIVO

Mar 20, 2025 1 min read
NAKIVO

The critical vulnerability identified in NAKIVO Backup and Replication solutions, labeled as CVE-2024-48248, can result in unauthorized arbitrary file reads from vulnerable systems. This vulnerability was actively exploited, thereby allowing attackers to access sensitive files that could include credentials and configuration data. Impact of this vulnerability could extend to sensitive data exposure, and potentially be leveraged in ransomware attacks that could disable recovery options and extract valuable data such as database credentials, AWS keys, and SSH keys. Organizations using the affected versions were urged to update to patch the flaw and secure their backup infrastructure.

Source: https://cybersecuritynews.com/cisa-warns-of-nakivo-backup-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/nakivo

"id": "nak443032025",
"linkid": "nakivo",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'NAKIVO',
                        'type': 'Software Vendor'}],
 'attack_vector': 'Unauthorized Arbitrary File Reads',
 'data_breach': {'data_exfiltration': True,
                 'type_of_data_compromised': ['Credentials',
                                              'Configuration Data',
                                              'Database Credentials',
                                              'AWS Keys',
                                              'SSH Keys']},
 'description': 'The critical vulnerability identified in NAKIVO Backup and '
                'Replication solutions, labeled as CVE-2024-48248, can result '
                'in unauthorized arbitrary file reads from vulnerable systems. '
                'This vulnerability was actively exploited, thereby allowing '
                'attackers to access sensitive files that could include '
                'credentials and configuration data. Impact of this '
                'vulnerability could extend to sensitive data exposure, and '
                'potentially be leveraged in ransomware attacks that could '
                'disable recovery options and extract valuable data such as '
                'database credentials, AWS keys, and SSH keys. Organizations '
                'using the affected versions were urged to update to patch the '
                'flaw and secure their backup infrastructure.',
 'impact': {'data_compromised': ['Credentials',
                                 'Configuration Data',
                                 'Database Credentials',
                                 'AWS Keys',
                                 'SSH Keys']},
 'motivation': ['Data Exfiltration', 'Potential Ransomware'],
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Update to patch the flaw',
                     'Secure backup infrastructure'],
 'response': {'remediation_measures': ['Update to patch the flaw']},
 'title': 'NAKIVO Backup and Replication Vulnerability (CVE-2024-48248)',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2024-48248'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.