Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Posted on January 7, 2026 By CWS

Jan 07, 2026Ravie LakshmananVulnerability / Enterprise Safety
Veeam has launched safety updates to handle a number of flaws in its Backup & Replication software program, together with a “vital” difficulty that would lead to distant code execution (RCE).
The vulnerability, tracked as CVE-2025-59470, carries a CVSS rating of 9.0.
“This vulnerability permits a Backup or Tape Operator to carry out distant code execution (RCE) because the postgres person by sending a malicious interval or order parameter,” it mentioned in a Tuesday bulletin.
Based on Veeam’s documentation, a person with a Backup Operator function can begin and cease current jobs; export backups; copy backups; and create VeeamZip backups. A Tape Operator person, however, can run tape backup jobs or tape catalog jobs; eject tapes; import and export tapes; transfer tapes to a media pool; copy or erase tapes; and set a tape password.
In different phrases, these roles are thought of extremely privileged, and organizations ought to already be taking satisfactory protections to stop them from being misused.

Veeam said it is treating the flaw as “high severity” despite the CVSS score, stating that the opportunity for exploitation is reduced if customers follow Veeam’s recommended Security Guidelines.

Also addressed by the company are three other vulnerabilities in the same product:

  • CVE-2025-55125 (CVSS score: 7.2) – A vulnerability that allows a Backup or Tape Operator to perform RCE as root by creating a malicious backup configuration file
  • CVE-2025-59468 (CVSS score: 6.7) – A vulnerability that allows a Backup Administrator to perform RCE as the postgres user by sending a malicious password parameter
  • CVE-2025-59469 (CVSS score: 7.2) – A vulnerability that allows a Backup or Tape Operator to write files as root

All four identified vulnerabilities affect Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. They have been addressed in Backup & Replication version 13.0.1.1071.

While Veeam makes no mention of the flaws being exploited in the wild, it is essential that users promptly apply the fixes, given that vulnerabilities in the software have been exploited by threat actors in the past.
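
The two build numbers above are easy to compare incorrectly: as plain strings, 13.0.1.180 sorts after 13.0.1.1071, so a text comparison reports the vulnerable build as patched. The following is an added example, not code from Veeam or from the original article, that triages an inventory by numeric comparison; the host names, the inventory format and every build other than the two quoted in the article are constructed for illustration.

```python
import csv
import io

# Build numbers from the article; hosts and the other builds are constructed.
LAST_AFFECTED = (13, 0, 1, 180)
FIXED = (13, 0, 1, 1071)

SAMPLE_INVENTORY = """host,build
bkp-01.example.internal,13.0.1.180
bkp-02.example.internal,13.0.1.1071
bkp-03.example.internal,13.0.1.500
bkp-04.example.internal,12.0.0.1
bkp-05.example.internal,unknown
"""

def parse_build(text):
    """Return the build as a 4-tuple of ints, or None if it is not a.b.c.d."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(build_text):
    build = parse_build(build_text)
    if build is None:
        return "unparseable"      # needs a manual look
    if build[0] != 13:
        return "not-covered"      # the article only speaks about version 13
    if build >= FIXED:
        return "fixed"
    if build <= LAST_AFFECTED:
        return "affected"
    return "unconfirmed"          # between the two builds; article is silent

def naive_string_says_fixed(build_text):
    """The broken check: plain string comparison orders '180' after '1071'."""
    return build_text >= "13.0.1.1071"

def triage(inventory_csv):
    """Map each host in a host,build CSV to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["build"]) for row in rows}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:28} {status}")
    print("string compare calls 13.0.1.180 fixed:",
          naive_string_says_fixed("13.0.1.180"))
```

Builds that fall between the two published numbers are reported as "unconfirmed" because the article says nothing about them; the vendor bulletin is the place to resolve those.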

The Hacker News | Tags: Backup, Critical, CVSS, Patches, RCE, Replication, Veeam, Vulnerability