Jan 07, 2026 | Ravie Lakshmanan | Vulnerability / Enterprise Security
Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a "critical" issue that could result in remote code execution (RCE).
The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0.
"This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter," the company said in a Tuesday bulletin.
According to Veeam's documentation, a user with the Backup Operator role can start and stop existing jobs; export backups; copy backups; and create VeeamZip backups. A Tape Operator user, on the other hand, can run tape backup jobs or tape catalog jobs; eject tapes; import and export tapes; move tapes to a media pool; copy or erase tapes; and set a tape password.
In other words, these roles are considered highly privileged, and organizations should already have adequate protections in place to prevent them from being misused.
Veeam said it is treating the flaw as "high severity" despite the CVSS score, noting that the risk of exploitation is reduced if customers follow Veeam's recommended Security Guidelines.
Also addressed by the company are three other vulnerabilities in the same product:
CVE-2025-55125 (CVSS score: 7.2): A vulnerability that allows a Backup or Tape Operator to perform RCE as root by creating a malicious backup configuration file
CVE-2025-59468 (CVSS score: 6.7): A vulnerability that allows a Backup Administrator to perform RCE as the postgres user by sending a malicious password parameter
CVE-2025-59469 (CVSS score: 7.2): A vulnerability that allows a Backup or Tape Operator to write files as root
All four identified vulnerabilities affect Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. They have been addressed in Backup & Replication version 13.0.1.1071.
While Veeam makes no mention of the flaws being exploited in the wild, it is essential that users promptly apply the fixes, given that vulnerabilities in the software have been exploited by threat actors in the past.
