
New Veeam vulnerabilities expose backup servers to RCE attacks

Published: 7 January 2026 at 13:06:11

Alert date: 7 January 2026 at 14:02:13

Source: bleepingcomputer.com


Enterprise Applications, Ransomware & Malware, Zero-Day Vulnerabilities

Veeam released security updates to address multiple security flaws in its Backup & Replication software, including a critical remote code execution vulnerability that could allow attackers to compromise backup servers. The vulnerabilities pose significant risks to organizations relying on Veeam for backup and disaster recovery operations.

Technical details

CVE-2025-59470 is a critical RCE vulnerability that allows a Backup or Tape Operator to perform remote code execution as the postgres user by sending a malicious interval or order parameter. The vulnerability affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds. Two additional vulnerabilities were patched: CVE-2025-55125 (high severity) enables RCE by creating a malicious backup configuration file, and CVE-2025-59468 (medium severity) enables RCE by sending a malicious password parameter. All three require the Backup Operator or Tape Operator role for exploitation.

Mitigation steps:

Update to Veeam Backup & Replication version 13.0.1.1071, released on January 6, which patches the vulnerabilities. Follow Veeam's recommended Security Guidelines to reduce exploitability. Treat the Backup Operator and Tape Operator roles as highly privileged and protect them accordingly.

Affected products:

Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds
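
The fixed build 13.0.1.1071 sorts before the affected build 13.0.1.180 when build numbers are compared as plain strings, so an inventory check has to compare them numerically. The following is an added example, not part of the original advisory or Veeam's tooling; the hostnames, sample builds and status labels are assumptions made for illustration.

```python
# Added example: classify Veeam Backup & Replication build strings against
# the two builds named in this advisory. Inventory rows are constructed.

LAST_AFFECTED = (13, 0, 1, 180)   # advisory: this and all earlier v13 builds
FIRST_FIXED = (13, 0, 1, 1071)    # advisory: patched build


def parse_build(text):
    """Turn '13.0.1.180' into (13, 0, 1, 180); raise ValueError if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part build number: {text!r}")
    return tuple(int(p) for p in parts)


def classify(text):
    """Return 'affected', 'patched', 'unlisted', 'out_of_scope' or 'invalid'."""
    try:
        build = parse_build(text)
    except ValueError:
        return "invalid"
    if build[0] != 13:
        return "out_of_scope"     # the advisory only covers version 13 builds
    if build <= LAST_AFFECTED:    # numeric tuple comparison, not string order
        return "affected"
    if build >= FIRST_FIXED:
        return "patched"
    return "unlisted"             # between the two builds; advisory is silent


def triage(inventory):
    """Map {hostname: build string} to {hostname: status}."""
    return {host: classify(build) for host, build in inventory.items()}


# Constructed inventory: hostnames and the 13.0.0.100 build are made up.
SAMPLE = {
    "vbr-01": "13.0.1.180",
    "vbr-02": "13.0.1.1071",
    "vbr-03": "13.0.0.100",
    "vbr-04": "unknown",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unlisted` or `invalid` need a manual check, since the advisory does not describe builds between the two it names.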

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
