Veeam Patches Critical Vulnerabilities in Backup & Replication Software

TL;DR

Veeam recently addressed several critical vulnerabilities in its Backup & Replication product. The most severe issue, CVE-2025-23121, allows remote code execution by authenticated domain users. Other notable vulnerabilities include CVE-2025-24286 and CVE-2025-24287, affecting backup job modifications and local system permissions, respectively.


Critical Vulnerabilities Addressed in Veeam Backup & Replication

Veeam has released security patches to address critical vulnerabilities in its Backup & Replication solution. The most severe of these, CVE-2025-23121, has a CVSS score of 9.9 and can potentially allow remote code execution by authenticated domain users [1].

Impact and Details

The vulnerability affects Backup & Replication 12.3.1.1139 and all earlier version 12 builds [2].
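To triage an inventory against the affected range stated above, the following added example (not from Veeam or the original post) classifies build strings from a constructed inventory. The host names, the CSV layout and every build other than 12.3.1.1139 are assumptions made for illustration; builds later than 12.3.1.1139 are only labelled "later-build" because this page does not name the fixed build.

```python
import csv
import io

# Last affected build, as stated on this page.
LAST_AFFECTED = (12, 3, 1, 1139)

def parse_build(text):
    """Parse 'a.b.c.d' into a 4-tuple of ints; return None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(build_text):
    """Classify one build string against the version 12 affected range."""
    build = parse_build(build_text)
    if build is None:
        return "unparseable"      # needs a manual check, never assume safe
    if build[0] != 12:
        return "outside-v12"      # the page's statement covers version 12 only
    return "affected" if build <= LAST_AFFECTED else "later-build"

def triage(inventory_csv):
    """Map each host in a 'host,build' CSV to its classification."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["build"]) for row in reader}

# Constructed sample inventory (hypothetical hosts and builds).
SAMPLE = """host,build
bkp-01,12.3.1.1139
bkp-02,12.1.2.172
bkp-03,12.3.2.9999
bkp-04,11.0.1.1261
bkp-05,12.3.1
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unparseable" or "outside-v12" still need to be checked against the vendor advisory, since the range on this page says nothing about them.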

Researchers at CODE WHITE GmbH and watchTowr reported the issue to Veeam. Rapid7’s analysis revealed that the patch for a previous vulnerability, CVE-2025-23120, could be bypassed, leading to the discovery of CVE-2025-23121. Veeam’s advisory confirms that the new vulnerability shares similar exploitation conditions with the previous one [3].

Additional Vulnerabilities Addressed

  1. CVE-2025-24286 (CVSS score: 7.2):
    • Impact: Allows authenticated users with the Backup Operator role to modify backup jobs, potentially leading to arbitrary code execution.
    • Discovered by: Nikolai Skliarenko with Trend Micro [4].
  2. CVE-2025-24287 (CVSS score: 6.1):
    • Impact: Affects Veeam Agent for Microsoft Windows, allowing local system users to modify directory contents and execute arbitrary code with elevated permissions.
    • Discovered by: CrisprXiang through Trend Micro Zero Day Initiative [5].

Conclusion

Veeam’s proactive approach to addressing these vulnerabilities underscores the importance of regular security updates. Users are advised to apply the patches immediately to mitigate potential risks. For more details, visit the full article: source [6].

References

  1. “advisory” (2025). “Veeam Security Advisory”. Veeam. Retrieved 2025-06-18.

  2. “earlier version 12 builds” (2025). “Veeam Knowledge Base”. Veeam. Retrieved 2025-06-18.

  3. “Rapid7” (2025). “Rapid7 Blog”. Rapid7. Retrieved 2025-06-18.

  4. “Nikolai Skliarenko” (2025). “Trend Micro”. Trend Micro. Retrieved 2025-06-18.

  5. “CrisprXiang” (2025). “Trend Micro Zero Day Initiative”. Trend Micro. Retrieved 2025-06-18.

  6. “source” (2025). “Security Affairs”. Security Affairs. Retrieved 2025-06-18.

This post is licensed under CC BY 4.0 by the author.