Categories: Cyber Security News

Veeam Backup Vulnerabilities Enables Remote Code Execution as Root

Four critical flaws in Veeam Backup & Replication v13, which could allow attackers to gain root-level access and execute code on backup systems, have been disclosed by Veeam Software.

The vulnerabilities were discovered during internal testing and resolved in build 13.0.1.1071, released on January 6, 2026.

The most dangerous flaw, CVE-2025-55125, allows Backup or Tape Operators to perform remote code execution (RCE) as root by creating a malicious backup configuration file, carrying a CVSS v3.1 score of 7.2 (High severity).

A second critical issue, CVE-2025-59470, allows operators to execute arbitrary code as the PostgreSQL user via malicious interval or order parameters, rated Critical with a CVSS score of 9.0.

Though technically critical, Veeam adjusted this to High severity due to role-based access controls.CVE-2025-59469 permits operators to write files with root privileges.

CVE ID	Severity	CVSS Score	Vulnerability Details
CVE-2025-55125	High	7.2	RCE as root via malicious backup config
CVE-2025-59468	Medium	6.7	RCE as PostgreSQL user via password parameter
CVE-2025-59469	High	7.2	Arbitrary file write as root
CVE-2025-59470	Critical*	9.0	RCE as PostgreSQL user via interval/order parameter

At the same time, CVE-2025-59468 allows backup administrators to achieve RCE as the PostgreSQL user through malicious password parameters.

All four vulnerabilities affect VBR 13.0.1.180 and earlier versions of 13 builds. Earlier versions (12.x and older) remain unaffected.

The vulnerabilities are particularly concerning because they target privileged operator roles commonly used to manage enterprise backup systems.

Once disclosed, attackers typically reverse-engineer patches to exploit unpatched deployments, making rapid updates essential.

Organizations running affected versions of Veeam Backup & Replication must upgrade immediately to build 13.0.1.1071 or later.

Veeam recommends following its Security Guidelines to restrict operator role assignments to trusted personnel only.

The company emphasizes that network segmentation and strong authentication policies should complement patch deployment.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Veeam Backup Vulnerabilities Enables Remote Code Execution as Root appeared first on Cyber Security News.

Veeam Patches Multiple Critical RCE Vulnerabilities on Backup Server

A critical security update has been released for Backup & Replication software to fix severe vulnerabilities that could allow attackers to execute remote code and escalate privileges. Released on March 12, 2026, the latest security patch (Build 12.3.2.4465) is an essential update for administrators needing to secure their backup infrastructure…

March 13, 2026

In "Cyber Security News"

Critical Veeam Backup RCE Vulnerabilities Let Attackers Execute Malicious Code Remotely

Veeam Software has disclosed three serious security flaws in its Backup & Replication suite and Agent for Microsoft Windows, which enable remote code execution and privilege escalation, potentially compromising enterprise backup infrastructures. These vulnerabilities, patched in recent updates, primarily affect domain-joined systems in version 12 of the software. Organizations are…

October 15, 2025

In "Cyber Security News"

Critical Veeam Backup Flaws Allow Remote Code Execution

Veeam has released Patch 12.3.2.4165 for Backup & Replication, resolving three significant security flaws that could expose organizations to remote code execution and privilege escalation risks. Published on October 14, 2025, the update addresses two critical CVE-2025-48983 and CVE-2025-48984 issues in the core Backup & Replication platform, as well as…

October 15, 2025

In "Cyber Security News"

rssfeeds-admin