Executive Risk Summary
"Veritas System Recovery before 23.3_Hotfix has incorrect permissions for the Veritas System Recovery folder, allowing low-privileged users to conduct attacks. This vulnerability can be exploited by attackers to gain unauthorized access to sensitive data and systems."
Anticipated Attack Path
- 1. Initial Exploitation: Low-privileged user gains access to the Veritas System Recovery folder
- 2. Privilege Escalation: Attacker exploits incorrect permissions to gain elevated access
- 3. Lateral Movement: Attacker moves laterally within the system to access sensitive data
Am I Vulnerable?
- Verify folder permissions for the Veritas System Recovery folder
- Check for any suspicious activity or access attempts
- Review system logs for potential security incidents
Operational Audit Arsenal
Target Type Folder
Target Asset Veritas System Recovery
Standard Path C:\Program Files\Veritas\System Recovery
Manual Verification Required
This is a non-Windows asset (Veritas). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Minimal to Moderate
Internal Work Notes
CVE-2024-35204: Incorrect permissions in Veritas System Recovery folder, allowing low-privileged users to conduct attacks. Apply hotfix 23.3_Hotfix to remediate the vulnerability.
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Related Veritas Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.