PT-2025-11958 · Veeam · Veeam Backup & Replication

Published: 2025-03-19 · Updated: 2025-09-20 · CVE-2025-23120

CVSS v3.1: 9.9
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication versions 12.3.0.310 and earlier

Description: A critical vulnerability in Veeam Backup & Replication allows remote code execution (RCE) by authenticated domain users. The issue arises from a deserialization flaw in the Veeam.Backup.EsxManager.xmlFrameworkDs and Veeam.Backup.Core.BackupSummary classes, which can be triggered by sending specially crafted requests. Because any domain user can trigger it, the flaw is easily exploitable in domain-joined environments. Successful exploitation can lead to catastrophic data breaches or ransomware attacks; upgrading to version 12.3.1 and disconnecting the server from the domain are the recommended mitigations.

Recommendations: Upgrade to Veeam Backup & Replication version 12.3.1 to secure affected systems. If possible, disconnect the Veeam Backup & Replication server from the domain to minimize the risk of exploitation.

Tags: Exploit · Fix · RCE

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: BDU:2025-03134, CVE-2025-23120

Affected Products: Veeam Backup & Replication