ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·4/7/2023
CVE-2021-27877 added to CISA KEV: Veritas Backup Exec Agent
Status: ✅ Confirmed exploited in the wild
Date added: 2023-04-07
Required action: Apply updates per vendor instructions.
Due date: 2023-04-28
Why this matters
Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.