Breaking
The Best Deals Today: Bravia 8 OLED TV, 4K Blu-rays, Super Monkey Ball Banana Rumble, and More
A therapist says the clients who transform their lives in their fifties and sixties almost always share the same starting point — not a new plan, but the moment they stopped lying to themselves about whether the old plan was working
A therapist says the clients who transform their lives in their fifties and sixties almost always share the same starting point — not a new plan, but the moment they stopped lying to themselves about whether the old plan was working
The introvert’s version of loneliness isn’t the same as the extrovert’s — it isn’t the absence of people, it’s the presence of people you can’t go deep with, and that distinction explains a specific kind of social exhaustion that has no good name in English
A therapist says the clients who transform their lives in their fifties and sixties almost always share the same starting point — not a new plan, but the moment they stopped lying to themselves about whether the old plan was working
The introvert’s version of loneliness isn’t the same as the extrovert’s — it isn’t the absence of people, it’s the presence of people you can’t go deep with, and that distinction explains a specific kind of social exhaustion that has no good name in English
The introvert’s version of loneliness isn’t the same as the extrovert’s — it isn’t the absence of people, it’s the presence of people you can’t go deep with, and that distinction explains a specific kind of social exhaustion that has no good name in English
I worked until 63 so I could retire in 2022 and not be a financial burden to my kids — what I didn’t plan for was the emotional weight of watching them be too busy to notice I was lonely
I worked until 63 so I could retire in 2022 and not be a financial burden to my kids — what I didn’t plan for was the emotional weight of watching them be too busy to notice I was lonely
Claude AI Agents Close 186 Deals in Anthropic’s Marketplace Experiment
25 Apr 2026, Sat
Launch Your Site in 5 Minutes
Cyber Security News

Veeam Backup Vulnerabilities Enables Remote Code Execution as Root

By rssfeeds-admin No Comments
Four critical flaws in Veeam Backup & Replication v13, which could allow attackers to gain root-level access and execute code on backup systems, have been disclosed by Veeam Software.

The vulnerabilities were discovered during internal testing and resolved in build 13.0.1.1071, released on January 6, 2026.

The most dangerous flaw, CVE-2025-55125, allows Backup or Tape Operators to perform remote code execution (RCE) as root by creating a malicious backup configuration file, carrying a CVSS v3.1 score of 7.2 (High severity).

A second critical issue, CVE-2025-59470, allows operators to execute arbitrary code as the PostgreSQL user via malicious interval or order parameters, rated Critical with a CVSS score of 9.0.

Though technically critical, Veeam adjusted this to High severity due to role-based access controls.CVE-2025-59469 permits operators to write files with root privileges.

CVE IDSeverityCVSS ScoreVulnerability Details
CVE-2025-55125High7.2RCE as root via malicious backup config
CVE-2025-59468Medium6.7RCE as PostgreSQL user via password parameter
CVE-2025-59469High7.2Arbitrary file write as root
CVE-2025-59470Critical*9.0RCE as PostgreSQL user via interval/order parameter

At the same time, CVE-2025-59468 allows backup administrators to achieve RCE as the PostgreSQL user through malicious password parameters.

All four vulnerabilities affect VBR 13.0.1.180 and earlier versions of 13 builds. Earlier versions (12.x and older) remain unaffected.

The vulnerabilities are particularly concerning because they target privileged operator roles commonly used to manage enterprise backup systems.

Once disclosed, attackers typically reverse-engineer patches to exploit unpatched deployments, making rapid updates essential.

Organizations running affected versions of Veeam Backup & Replication must upgrade immediately to build 13.0.1.1071 or later.

Veeam recommends following its Security Guidelines to restrict operator role assignments to trusted personnel only.

The company emphasizes that network segmentation and strong authentication policies should complement patch deployment.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Veeam Backup Vulnerabilities Enables Remote Code Execution as Root appeared first on Cyber Security News.

Discover more from RSS Feeds Cloud

Subscribe to get the latest posts sent to your email.

By rssfeeds-admin

Related Posts

Cyber Security News

Claude AI Agents Close 186 Deals in Anthropic’s Marketplace Experiment

rssfeeds-admin
Cyber Security News

GPT‑5.5 Bio Bug Bounty to Strengthen Advanced AI Capabilities

rssfeeds-admin
Cyber Security News

Hackers Can Abuse Entra Agent ID Administrator Role to Hijack Service Principals

rssfeeds-admin

You Missed

IGN

The Best Deals Today: Bravia 8 OLED TV, 4K Blu-rays, Super Monkey Ball Banana Rumble, and More

DMNews

A therapist says the clients who transform their lives in their fifties and sixties almost always share the same starting point — not a new plan, but the moment they stopped lying to themselves about whether the old plan was working

DMNews

A therapist says the clients who transform their lives in their fifties and sixties almost always share the same starting point — not a new plan, but the moment they stopped lying to themselves about whether the old plan was working

DMNews

The introvert’s version of loneliness isn’t the same as the extrovert’s — it isn’t the absence of people, it’s the presence of people you can’t go deep with, and that distinction explains a specific kind of social exhaustion that has no good name in English

Discover more from RSS Feeds Cloud

Subscribe now to keep reading and get access to the full archive.

Continue reading