The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has incorporated a critical security defect affecting NAKIVO Backup & Replication software into its Known Exploited Vulnerabilities (KEV) database, pointing to proof of ongoing exploitation.
The flaw in focus is CVE-2024-48248 (CVSS score: 8.6), a definitive path traversal issue that may enable an unverified attacker to