PT-2025-25742 · Veeam · Veeam B&R+1

Jane Smith +2 · Published 2025-06-17 · Updated 2025-09-30 · CVE-2025-23121

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Veeam Backup & Replication versions prior to 12.3.2.3617

Description

A critical remote code execution (RCE) vulnerability allows authenticated domain users to execute code on the Backup Server. It affects Veeam Backup & Replication, specifically backup servers that are joined to a Windows domain. The number of potentially affected devices worldwide is not stated, but over 550,000 clients are reported to use Veeam's solutions, including 82% of Fortune 500 companies and 74% of Global 2000 firms. There have been real-world incidents in which this issue was exploited, with attackers targeting Veeam Backup & Replication servers.

Recommendations

To resolve the issue, update Veeam Backup & Replication to version 12.3.2.3617 or later. As a temporary workaround, consider restricting access to the Backup Server to minimize the risk of exploitation. Additionally, follow isolation best practices to reduce the attack surface.

Fix · LPE · RCE · Code Injection

Weakness Enumeration

Related Identifiers

BDU:2025-06894
CVE-2025-23121

Affected Products

Veeam B&R
Veeam Backup & Replication