Stratos Ally

RCE Vulnerability in Veeam Backup Tool Sparks Urgent Security Warning


StratosAlly


June 2025 – In a move to fortify its software against potential cyber threats, Veeam has issued essential security updates addressing several high-risk vulnerabilities identified in its Backup & Replication suite.

Foremost among the flaws is CVE-2025-23121, a severe remote code execution (RCE) vulnerability that received a CVSS rating of 9.9, just shy of the maximum. The issue could allow a domain-authenticated user to execute arbitrary commands on the backup server. This vulnerability affects all builds of version 12 preceding the newly released version 12.3.2 (build 12.3.2.3617), where the issue has now been resolved.

The discovery of the flaw is credited to researchers at CODE WHITE GmbH and watchTowr, both of whom reported the issue through responsible disclosure channels.

Cybersecurity analysts at Rapid7 have observed that the latest patch may also address lingering concerns about a previously disclosed vulnerability, CVE-2025-23120. Although a fix for that flaw was released earlier in the year, questions remained about whether it could be bypassed. The original flaw was likewise rated highly critical, with a CVSS score of 9.9.

In addition to the primary RCE issue, Veeam has patched a separate vulnerability (CVE-2025-24286, CVSS 7.2) that enabled users with the Backup Operator role to change backup settings, opening the door to unauthorized code execution.

Another fix targets a weakness in the Veeam Agent for Microsoft Windows, designated CVE-2025-24287 and rated 6.1 on the CVSS scale. The flaw permitted local users to alter protected directories, which could result in code execution with elevated privileges. It has been addressed in version 6.3.2 (build 6.3.2.1205).

An internal review conducted by Rapid7 revealed that, throughout 2024, more than one in five incident response cases involved some form of Veeam software compromise following an initial intrusion, emphasizing the importance of timely patch management.

With backup systems increasingly targeted following security breaches, it is crucial for organizations relying on Veeam software to implement the latest updates promptly to minimize potential risks.
