Veeam Backup Vulnerability Allows Attackers to Execute Arbitrary Code

A critical vulnerability, CVE-2025-23114, has been discovered within the Veeam Updater component that poses a serious risk to organizations utilizing Veeam’s backup solutions.

The flaw allows an attacker positioned for a Man-in-the-Middle (MitM) attack to inject and execute arbitrary code with root-level permissions on the affected appliance server.

The vulnerability, reported through HackerOne by security researcher @putsi, has been assigned a CVSS v3.1 severity score of 9.0, categorizing it as critical.

Affected Products

Current Releases

The vulnerability affects the current line of Veeam Backup for Salesforce, specifically version 3.1 and older.

Previous Releases

Older releases of other Veeam backup products that ship outdated Veeam Updater components are also vulnerable. Updating to the latest version of each product addresses the issue.

  • Veeam Backup for Nutanix AHV (Versions 5.0, 5.1)
    • Fixed in version 6 or higher (released August 24, 2024).
  • Veeam Backup for AWS (Versions 6a, 7)
    • Fixed in version 8 (released July 2, 2024).
  • Veeam Backup for Microsoft Azure (Versions 5a, 6)
    • Fixed in version 7 (released July 2, 2024).
  • Veeam Backup for Google Cloud (Versions 4, 5)
    • Fixed in version 6 (released December 3, 2024).
  • Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization (Versions 3, 4.0, 4.1)
    • Fixed in version 5 or higher (released August 24, 2024).

Veeam has addressed the vulnerability by releasing updated versions of the Veeam Updater component. The patched Updater versions, per product, are:

  • Veeam Backup for Salesforce: Version 7.9.0.1124
  • Veeam Backup for Nutanix AHV: Version 9.0.0.1125
  • Veeam Backup for AWS: Version 9.0.0.1126
  • Veeam Backup for Microsoft Azure: Version 9.0.0.1128
  • Veeam Backup for Google Cloud: Version 9.0.0.1128
  • Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization: Version 9.0.0.1127

Users are advised to check for updates via the built-in Veeam Updater. To confirm the Veeam Updater version in use, review the update logs or history.
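As an added example (not from the article and not Veeam's own tooling), a small Python triage helper that encodes the affected and patched versions listed above and answers whether an appliance still needs the update. The version-string format, the product names used as keys, and the assumption that an Updater component at or above the patched version closes the issue are mine, not stated by the advisory in that form.

```python
import re
from typing import Optional

# Fixed product versions as listed in the advisory. None means the advisory
# gives no fixed product version (Salesforce: "3.1 and older" is affected).
FIXED_PRODUCT_VERSION = {
    "Veeam Backup for Salesforce": None,
    "Veeam Backup for Nutanix AHV": "6",
    "Veeam Backup for AWS": "8",
    "Veeam Backup for Microsoft Azure": "7",
    "Veeam Backup for Google Cloud": "6",
    "Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization": "5",
}

# Patched Veeam Updater component version per product, as listed in the advisory.
PATCHED_UPDATER_VERSION = {
    "Veeam Backup for Salesforce": "7.9.0.1124",
    "Veeam Backup for Nutanix AHV": "9.0.0.1125",
    "Veeam Backup for AWS": "9.0.0.1126",
    "Veeam Backup for Microsoft Azure": "9.0.0.1128",
    "Veeam Backup for Google Cloud": "9.0.0.1128",
    "Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization": "9.0.0.1127",
}


def parse_version(v: str) -> tuple:
    """Turn '9.0.0.1128', '6a' or '3.1' into a comparable tuple of
    (number, letter) pairs. A trailing letter ('6a') sorts after the bare
    number ('6') and before the next number ('7'). Assumed format, not Veeam's."""
    parts = []
    for piece in v.strip().split("."):
        m = re.fullmatch(r"(\d+)([a-z]?)", piece)
        if not m:
            raise ValueError(f"unparseable version component: {piece!r}")
        parts.append((int(m.group(1)), m.group(2)))
    return tuple(parts)


def is_vulnerable(product: str, product_version: str,
                  updater_version: Optional[str] = None) -> bool:
    """True if the appliance is still exposed to CVE-2025-23114 per the advisory."""
    if product not in FIXED_PRODUCT_VERSION:
        raise ValueError(f"product not covered by this advisory: {product!r}")
    # Assumption: an Updater component at or above the patched version is fixed,
    # regardless of the product version reported.
    if updater_version is not None and \
            parse_version(updater_version) >= parse_version(PATCHED_UPDATER_VERSION[product]):
        return False
    fixed = FIXED_PRODUCT_VERSION[product]
    if fixed is None:  # Salesforce: compare on major.minor against 3.1
        return parse_version(product_version)[:2] <= parse_version("3.1")
    return parse_version(product_version) < parse_version(fixed)
```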

CVE-2025-23114 serves as a critical reminder for organizations to stay vigilant against software vulnerabilities by ensuring timely updates. Veeam has urged its users to upgrade to the latest versions immediately to mitigate the risk of exploitation.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
