Veeam Addressed Critical Vulnerabilities Impacting Backup and Replication (CVE-2025-48983 & CVE-2025-48984)

Veeam released a security advisory to address two vulnerabilities impacting its Backup and Replication application. Successful exploitation of the vulnerabilities could allow an authenticated domain user to gain complete control of the backup environment, leading to loss of backup integrity, data theft, and potential compromise of production systems.

Veeam Backup & Replication is one of the industry-leading backup, recovery, and data security solutions for all workloads, both on-premises and in the cloud. It is a software-defined, hardware-independent solution that provides secure, robust, and reliable data protection, eliminates downtime with instant recovery, protects against cyber threats with native immutability, and uses validated backups.

CVE-2025-48983

The vulnerability has a critical severity rating with a CVSS score of 9.9. It exists in the Mount service of Veeam Backup & Replication and allows an authenticated domain user to achieve remote code execution on backup infrastructure hosts.

Note: This vulnerability only impacts domain-joined backup infrastructure servers added to Veeam Backup & Replication v12.

CVE-2025-48984

The vulnerability has a critical severity rating with a CVSS score of 9.9. Sina Kheirkhah and Piotr Bazydlo of watchTowr discovered and reported the vulnerability to Veeam. Successful exploitation of the vulnerability may allow an authenticated domain user to achieve remote code execution.

Note: This vulnerability only impacts domain-joined backup infrastructure servers added to Veeam Backup & Replication v12.

Affected Versions

The vulnerabilities affect Veeam Backup & Replication 12.3.2.3617 and all earlier 12.x builds.

Note: The Veeam Software Appliance and upcoming Veeam Backup & Replication v13 software for Microsoft Windows are architecturally unaffected by these vulnerabilities.

Mitigation

Users must upgrade to Veeam Backup and Replication version 12.3.2.4165 to patch the vulnerabilities.
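The Affected Versions and Mitigation sections above give three facts a defender needs when triaging an inventory: 12.3.2.3617 and all earlier 12.x builds are vulnerable, 12.3.2.4165 is the fixed build, and only domain-joined backup infrastructure servers are exposed. The script below turns those facts into a per-host triage. It is an added example, not code from Veeam, Qualys, or the advisory; the hostnames, domain-join flags, and every build number other than the two quoted by the advisory are constructed placeholders.

```python
"""Triage a constructed Veeam Backup & Replication inventory against the build
numbers quoted in the advisory summary above (KB4771). Added example; not
Veeam or Qualys code. Hostnames, join state and the non-advisory build numbers
are constructed sample data."""

# Build numbers stated by the advisory.
LAST_VULNERABLE_BUILD = (12, 3, 2, 3617)   # this and all earlier 12.x builds
FIXED_BUILD = (12, 3, 2, 4165)             # upgrade target


def parse_build(version: str) -> tuple:
    """Turn '12.3.2.3617' (optionally with a leading 'v') into an int tuple.

    Comparing as strings would rank '12.3.2.999' above '12.3.2.3617', so the
    comparison must be numeric per component.
    """
    text = version.strip().lower().lstrip("v")
    parts = tuple(int(p) for p in text.split("."))
    if len(parts) != 4:
        raise ValueError(f"unexpected Veeam build format: {version!r}")
    return parts


def classify(version: str, domain_joined: bool) -> str:
    """Map one host's build and domain-join state to a triage status."""
    build = parse_build(version)
    if build[0] != 12:
        # v13 (and the appliance) are stated to be unaffected; other majors
        # are not covered by this advisory, so report them as out of scope.
        return "out-of-scope"
    if build >= FIXED_BUILD:
        return "patched"
    if build > LAST_VULNERABLE_BUILD:
        # Builds between the last listed vulnerable build and the fix are not
        # described by the advisory; hand them to a human.
        return "review"
    # Vulnerable 12.x build. The advisory scopes exposure to domain-joined
    # backup infrastructure servers, but every such build needs the upgrade.
    return "vulnerable" if domain_joined else "upgrade-needed"


def triage(inventory) -> dict:
    """inventory: iterable of (hostname, version, domain_joined) tuples."""
    return {host: classify(ver, joined) for host, ver, joined in inventory}


def summarize(inventory) -> dict:
    """Count hosts per status, e.g. to size the patch effort."""
    counts = {}
    for status in triage(inventory).values():
        counts[status] = counts.get(status, 0) + 1
    return counts


# Constructed sample inventory (hostnames and the 12.1.x / 13.x builds are
# placeholders, not real Veeam releases).
SAMPLE_INVENTORY = [
    ("vbr-prod-01", "12.3.2.3617", True),
    ("vbr-prod-02", "12.3.2.4165", True),
    ("vbr-lab-01", "12.1.0.100", False),
    ("vbr-next-01", "13.0.0.1", True),
]

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:14} {status}")
    print(summarize(SAMPLE_INVENTORY))
```

Feeding a real export into `SAMPLE_INVENTORY`'s place (hostname, build string, whether the server is domain-joined) yields a list that separates hosts needing immediate attention from those already on 12.3.2.4165; the "upgrade-needed" status deliberately keeps non-domain-joined servers on old builds visible rather than treating the advisory's scoping note as a reason to skip them.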

Please refer to the Veeam Security Advisory (KB4771) for more information.

Qualys Detection

Qualys customers can scan their devices with QID 385539 to detect vulnerable assets.

Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.

References
https://www.veeam.com/kb4771
