Veeam has released patches for a critical security flaw affecting its Backup & Replication software that could lead to remote code execution under certain conditions.
The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0.
"A vulnerability that allows remote code execution (RCE) on the backup server by an authorized domain user," the company noted in an advisory.
CVE-2025-23121 affects all earlier version 12 builds, including 12.3.1139. It was addressed in version 12.3.2 (build 12.3.3617). Security researchers at CODE WHITE GmbH and watchTowr were credited with reporting the vulnerability.
Cybersecurity company Rapid7 noted that the update likely addresses the problem raised by Code White at the end of March 2025, namely that the patch for CVE-2025-23120 (CVSS score: 9.9) could be bypassed.
Veeam also addressed another flaw in the same product (CVE-2025-24286, CVSS score: 7.2) that allows an authenticated user with the Backup Operator role to modify backup jobs, which could lead to arbitrary code execution.
The American company separately fixed a vulnerability affecting Veeam Agent for Microsoft Windows (CVE-2025-24287, CVSS score: 6.1) that allows local users to modify directory contents, leading to code execution with elevated permissions. The problem was fixed in version 6.3.2 (build 6.3.1205).
According to Rapid7, more than 20% of incident response cases in 2024 involved either access to or exploitation of Veeam after the threat actor had already gained a foothold in the target.
With security flaws in Veeam backup software having become a prime target for attackers in recent years, it is essential that customers update to the latest version of the software with immediate effect.