FYSA: Veritas Backup Exec prior to 21.2. - A known exploit is available in the wild

This is a vulnerability reported and patched in 2021, however organized ransomware groups have recently been seen exploiting vulnerabilities found in unpatched, internet-exposed assets running the Veritas Backup Exec Agent to gain initial access and achieve escalation of privileges on vulnerable endpoints.

Veritas urges all customers to immediately update to Backup Exec version 21.2 or later if they have not already done so.

  • March 2023: A known exploit is available in the wild for the vulnerabilities and could be used as part of a ransomware attack.


Backup Exec versions 16.x, 20.x and 21.1 are affected.

Veritas Backup Exec version 21.2 includes fixes for three security issues.

If you have updated to version 21.2 or later, no additional action is needed to address these vulnerabilities at this time.

Additional Information: