NAKIVO Critical Vulnerability: Immediate Action Required
For customers running NAKIVO Backup & Replication, we’ve received an important security advisory regarding a NAKIVO critical vulnerability in versions prior to 11.0.0.88174.
This issue, designated as CVE-2024-48248, allows unauthenticated attackers to read arbitrary files on affected systems. As a result, sensitive information such as configuration files, backups, and credentials could be exposed.
Affected Versions
- NAKIVO Backup & Replication 10.11.3.86570 and earlier,
Why This Matters
This vulnerability poses a serious security risk for organisations relying on NAKIVO for backup and recovery. Without immediate action, attackers could exploit this flaw to access critical data.
Recommended Actions
1. Upgrade Immediately
Update to NAKIVO Backup & Replication version 11.0.0.88174 or later, where the NAKIVO critical vulnerability has been addressed. Download the latest version here.
2. Review Access Logs
Check your system’s access logs for unusual or unauthorised activity to identify potential exploitation attempts.
3. Enhance Network Security
Implement network segmentation and strict access controls to limit exposure of backup systems to untrusted networks.
Please don’t hesitate to get in touch with the Touchpoint team or call us on (02) 8424 3500.