CyberSecurityBoard
Sponsor Register Login

Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution

Veeam Backup & Replication, with its large deployment footprint across enterprise environments, represents a significant target for cybercriminals, particularly ransomware operators seeking to disable recovery options before launching attacks. As backup systems represent the last line of defense against data loss and ransomware attacks, prioritizing their security is essential for maintaining business continuity and data integrity. Security researchers emphasize that Veeam Backup & Replication should never be exposed to the internet as it functions more effectively as an internal attack vector rather than an external one. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. This alert follows other recent CISA warnings about critical vulnerabilities in enterprise software, including flaws in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited. Despite this configuration being discouraged, security experts believe it remains common in many enterprise environments. Security professionals strongly advise against waiting for regular patch cycles and recommend implementing this critical security update immediately. Organizations should verify their patch status immediately and implement appropriate security controls to mitigate exploitation risks. More than 20% of incident response cases 2024 involved Veeam being accessed or exploited after attackers established an initial foothold in target environments. This statistic highlights why backup systems are prime targets for malicious actors looking to cripple an organization’s ability to recover from attacks. Veeam has released a security update to address the vulnerability. She is covering various cyber security incidents happening in the Cyber Space. The frequency of these high-severity vulnerabilities in backup solutions underscores the importance of maintaining rigorous patch management protocols.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 20 Mar 2025 08:25:04 +0000


Cyber News related to Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution

Veeam RCE bug lets domain users hack backup servers, patch now - Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. Ransomware gangs have told BleepingComputer in the past that Veeam ...
3 weeks ago Bleepingcomputer.com CVE-2025-23120
Veeam warns of critical bugs in Veeam ONE monitoring platform - Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. The company assigned almost maximum severity ratings to the critical security flaws ...
1 year ago Bleepingcomputer.com CVE-2023-38547 CVE-2023-38549 CVE-2023-41723 FIN7 Cuba
Veeam adds BaaS capabilities for Veeam Backup for Microsoft 365 - Veeam Software has expanded its relationship with Microsoft. Veeam is making it easier for customers to protect Microsoft 365 with Cirrus by Veeam which brings the ease and flexibility of Backup-as-a-Service for Microsoft 365. Utilizing the power and ...
1 year ago Helpnetsecurity.com
Veeam Data Platform 23H2 update enhances resilience against ransomware - 1 release as well as Veeam ONE v12.1 and Veeam Recovery Orchestrator v7. This latest release from Veeam, with a focus on radical resilience, includes hundreds of new features and enhancements designed to not only protect enterprises' most critical ...
1 year ago Helpnetsecurity.com
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers - A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication ...
3 weeks ago Cybersecuritynews.com CVE-2025-23120
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution - Veeam Backup & Replication, with its large deployment footprint across enterprise environments, represents a significant target for cybercriminals, particularly ransomware operators seeking to disable recovery options before launching attacks. As ...
3 weeks ago Cybersecuritynews.com
Windows 11 update breaks Veeam recovery, causes connection errors - ​As a temporary workaround, while Microsoft and Veeam are currently investigating this known issue and looking for a fix, users impacted by this issue are advised to recover their computer or data using Veeam Recovery Media generated from a ...
2 weeks ago Bleepingcomputer.com
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - The Shadowserver Foundation has reported detecting 208 vulnerable instances of Nakivo Backup & Replication software affected by CVE-2024-48248, a critical vulnerability that enables arbitrary file reads. A critical vulnerability tracked as ...
1 month ago Cybersecuritynews.com CVE-2024-48248
Business Data Backup and Recovery Planning - Data backup and recovery planning is essential in today's interconnected and data-driven business landscape. By understanding the significance of data backup and recovery planning, businesses can effectively protect their critical information and ...
1 year ago Securityzap.com
Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server - For organizations planning recovery operations with Veeam in a Windows 11 environment, creating recovery media on computers running Windows 11 builds earlier than 26100.3194 is advisable until a permanent solution is available. Veeam advises ...
2 weeks ago Cybersecuritynews.com
Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover - A critical unauthenticated remote control execution bug in a backup plug-in that's been downloaded more than 90,000 times exposes vulnerable WordPress sites to takeover - another example of the epidemic of risk posed by flawed plug-ins for the ...
1 year ago Darkreading.com CVE-2023-6553
CISA Warns of NAKIVO Backup Vulnerability Exploited in Attacks - PoC Released - “This unauthenticated arbitrary file read vulnerability essentially provides attackers with the ability to access any file on the target system, including critical configuration files and credentials,” explained security researchers at ...
3 weeks ago Cybersecuritynews.com CVE-2024-48248
CVE-2007-0228 - The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) ...
7 years ago
Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin - Wordfence just launched its bug bounty program. On December 5th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for a PHP Code Injection vulnerability in Backup Migration, a WordPress plugin with over 90,000+ ...
1 year ago Wordfence.com
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin - A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, the plugin helps admins automate site backups to ...
1 year ago Bleepingcomputer.com CVE-2023-6553 CVE-2023-45124 Hunters
CVE-2024-21585 - An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap ...
1 year ago Tenable.com
CVE-2023-52587 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 23, 2024 to September 29, 2024) - Software Name Software Slug 012 Ps Multi Languages 012-ps-multi-languages ABC APP CREATOR abcapp-creator Absolute Reviews absolute-reviews Accordion accordions Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads quick-adsense-reloaded Advanced File ...
6 months ago Wordfence.com Slug
CVE-2019-13363 - admin.php?pagenotification_by_mail in Piwigo 2.9.5 has XSS via the nbm&#95;send&#95;html&#95;mail, nbm&#95;send&#95;mail&#95;as, nbm&#95;send&#95;detailed&#95;content, ...
2 years ago
CVE-2025-21881 - In the Linux kernel, the following vulnerability has been resolved: ...
2 weeks ago
CVE-2020-28092 - PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?gTeam&mTask&amy&status3&id,?gTeam&mTask&amy&status0&id,?gTeam&mTask&amy&status1&id,?gTeam&mTask&amy&status10&id ...
4 years ago
CVE-2023-38549 - A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as ...
7 months ago
Ransomware Surge is Driving UK Inflation, Says Veeam - The ransomware epidemic hitting UK businesses is leading many to increase their prices, adding to already high inflation, new data from Veeam has warned. The data protection firm surveyed 100 directors of UK businesses with over 500 employees that ...
1 year ago Infosecurity-magazine.com
CVE-2022-26504 - Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe ...
11 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)