CVE-2023-28759: 
Veritas NetBackup Client vulnerability analysis and mitigation

A vulnerability (CVE-2023-28759) was discovered in Veritas NetBackup before version 10.0 on Windows systems. The vulnerability exists in the way the client validates the path to a DLL prior to loading, which could allow a lower-level user to elevate privileges and compromise the system. This issue was disclosed on March 23, 2023, affecting NetBackup Primary servers, Media servers, and Clients installed on the Windows operating system (Veritas Advisory).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 HIGH with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The issue is related to improper validation of DLL paths before loading, which is classified as CWE-427 (Uncontrolled Search Path Element). The vulnerability specifically affects the DLL loading mechanism in NetBackup's Windows client components (NVD).

If exploited, this vulnerability allows a lower-privileged user to elevate their privileges and potentially compromise the entire system. The impact affects all three major security aspects - confidentiality, integrity, and availability - with high severity ratings (Veritas Advisory).

Veritas recommends upgrading to NetBackup version 10.0 or later as the primary mitigation. For users unable to upgrade to version 10.0, alternative mitigations include upgrading to version 8.3.0.1 and applying Hotfix for Etrack 4115799, version 8.3.0.2 with Hotfix for Etrack 4116057, version 9.0.0.1 with Hotfix for Etrack 4116060, or version 9.1.0.1 with Hotfix for Etrack 4115260. Additionally, the issue can be mitigated by ensuring non-admin users do not have access to create files in the DLL search path (Veritas Advisory).

The vulnerability was discovered and reported by the Lockheed Martin Red Team, demonstrating active security research in the enterprise backup software sector (Veritas Advisory).