Veeam has deployed a patch containing critical security flaws that affect backup and replication software that can result in remote code execution under certain conditions.
A security flaw tracked as CVE-2025-23121 carries a CVSS score of 9.9 out of 10.0.
“A vulnerability that allows authenticated domain users to remote code execution (RCE) on backup servers,” the company said in its advisory.
CVE-2025-23121 affects all previous version 12 builds, including 12.3.1.1139. Addressed in version 12.3.2 (Build 12.3.2.3617). Security researchers at Code White GmbH and WatchTowr are acknowledged to have discovered and reported the vulnerability.
Cybersecurity company Rapid7 said the update is likely to address concerns Code White shared in late March 2025.
Also, what is being addressed in VEEAM is another flaw in the same product (CVE-2025-24286, CVSS score: 7.2), which can lead to arbitrary code execution as authenticated users with the role of backup operator can modify the backup job.
American Company has individually patched vulnerabilities affecting VEEAM agents in Microsoft Windows (CVE-2025-24287, CVSS score: 6.1) that have caused local system users to modify directory content, leading to highly penetrating code execution. This issue is patched in version 6.3.2 (Build 6.3.2.1205).
According to Rapid7, more than 20% of incident response cases in 2024 were involved in either Veeam’s access or exploitation.
As Veeam Backup Software’s security flaws have become a major target for attackers in recent years, it is important for customers to update the latest version of the software instantly and effectively.
Source link
