The Digital Personal Data Protection Rule of 2025 Aligns India Closely with Global Privacy Norms
Summary: Security Advisory
Veeam disclosed three critical vulnerabilities affecting its widely deployed backup software. Veeam Backup & Replication is an enterprise-grade data protection solution used to back up, recover and replicate virtual machines, cloud workloads and physical servers.
| OEM | Veeam |
| Severity | Critical |
| CVSS Score | 9.9 |
| CVEs | CVE-2025-23121, CVE-2025-24286, CVE-2025-24287 |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
Multiple high-impact vulnerabilities have been disclosed in Veeam Backup & Replication and Veeam Agent for Microsoft Windows, impacting versions prior to 12.3.2 and 6.3.2 respectively.
The most critical issue (CVE-2025-23121) may allow remote code execution (RCE) on the backup server by an authenticated domain user, effectively granting complete control over the backup infrastructure.
The vulnerabilities also include risks of unauthorized modification of backup jobs (CVE-2025-24286) and privilege escalation via local directory manipulation (CVE-2025-24287). These flaws could enable attackers to execute arbitrary code or gain elevated permissions.
These flaws pose significant risks to organizations relying on Veeam for data integrity and disaster recovery. If exploited, they could compromise an organization's data protection system and threaten domain-joined backup servers.
| Vulnerability Name | CVE ID | Product Affected | Severity |
| --- | --- | --- | --- |
| Remote Code Execution via Authenticated Domain User | CVE-2025-23121 | Veeam Backup & Replication | Critical (9.9) |
| Arbitrary Code Execution via Backup Operator Role Abuse | CVE-2025-24286 | Veeam Backup & Replication | High (7.2) |
| Privilege Escalation via Directory Manipulation | CVE-2025-24287 | Veeam Agent for Microsoft Windows | Medium (6.1) |
Technical Summary
| CVE ID | System Affected | Vulnerability Details | Impact |
| --- | --- | --- | --- |
| CVE-2025-23121 | Veeam Backup & Replication 12.3.1.1139 and all earlier v12 builds | A remote code execution vulnerability affecting domain-joined Veeam backup servers. An authenticated domain user may execute arbitrary commands with elevated privileges. | Remote Code Execution |
| CVE-2025-24286 | Veeam Backup & Replication 12.3.1.1139 and earlier | Authenticated users with the Backup Operator role can modify backup job configurations to inject and execute code. | Arbitrary Code Execution |
| CVE-2025-24287 | Veeam Agent for Microsoft Windows 6.3.1.1074 and earlier | Local users can manipulate directory contents leading to code execution with elevated privileges. | Local Privilege Escalation |
Remediation:
Users are strongly advised to apply the following updates to mitigate the risks:
Here are some recommendations below
Conclusion: For Security Best practices
Veeam has released patches to address all three vulnerabilities and urged organizations to update to Veeam Backup & Replication 12.3.2 (build 12.3.2.3617) and Veeam Agent for Microsoft Windows 6.3.2 (build 6.3.2.1205) as soon as possible.
Maintaining up-to-date backup systems, prompt patching and adherence to security best practices are essential to prevent potential exploitation and data compromise.
The critical nature of these vulnerabilities demands that backup and disaster recovery be paired with strict access controls and ongoing monitoring to safeguard backup infrastructure from potential attacks.
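To turn the fixed builds above into a patch worklist, the following added example (not Veeam's or the advisory author's code) triages an asset inventory against builds 12.3.2.3617 and 6.3.2.1205 and orders the results by CVSS score. The CSV column names, host names and the older sample builds are assumptions constructed for illustration; CVE-2025-23121 is only attributed to servers marked as domain-joined, as the advisory describes.

```python
import csv
import io

# Fixed builds and CVSS scores as listed in the advisory above.
# Each CVE entry: (id, CVSS, applies only to domain-joined servers)
ADVISORY = {
    "Veeam Backup & Replication": {
        "fixed": (12, 3, 2, 3617),
        "cves": [("CVE-2025-23121", 9.9, True), ("CVE-2025-24286", 7.2, False)],
    },
    "Veeam Agent for Microsoft Windows": {
        "fixed": (6, 3, 2, 1205),
        "cves": [("CVE-2025-24287", 6.1, False)],
    },
}

def parse_build(text):
    """Turn '12.3.1.1139' into (12, 3, 1, 1139); return None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(inventory_csv):
    """Return findings for hosts below the fixed build, highest CVSS first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        entry = ADVISORY.get(row["product"])
        if entry is None:
            continue  # product not covered by this advisory
        build = parse_build(row["build"])
        if build is not None and build >= entry["fixed"]:
            continue  # already on a patched build
        joined = row["domain_joined"].strip().lower() == "yes"
        cves = [(c, s) for c, s, dom in entry["cves"] if joined or not dom]
        findings.append({
            "host": row["host"],
            # An unreadable build is kept on the list until someone checks it.
            "status": "vulnerable" if build is not None else "unverified build",
            "cves": [c for c, _ in cves],
            "max_cvss": max(s for _, s in cves),
        })
    return sorted(findings, key=lambda f: f["max_cvss"], reverse=True)

# Constructed sample inventory (hosts and older builds are made up).
SAMPLE = """host,product,build,domain_joined
bkp01,Veeam Backup & Replication,12.3.1.1139,yes
bkp02,Veeam Backup & Replication,12.3.2.3617,yes
bkp03,Veeam Backup & Replication,12.1.0.100,no
ws14,Veeam Agent for Microsoft Windows,6.3.1.1074,yes
ws15,Veeam Agent for Microsoft Windows,6.3.2.1205,no
bkp04,Veeam Backup & Replication,n/a,yes
"""
```

Calling `triage(SAMPLE)` returns one dictionary per host that still needs the update, with domain-joined backup servers at the top.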
The maritime industry worldwide is witnessing massive changes, with continuous innovation and cyber risk management at the top of the priority list. In doing so, enabling innovation becomes easier, along with exploring the various options that address cyber security in the maritime sector.
Now maritime professionals are ready to explore the latest industry trends and adopt solutions that dig deeper into maritime organizations’ challenges and priorities related to cyber security.
Intrucept Participates at the METS Trade 2024
Intrucept, a leader in cybersecurity solutions, is excited to announce its participation at the prestigious METS Trade 2024 in Amsterdam, November 19-21, 2024.
This marks a significant step forward in transforming the maritime industry by combining the power of cutting-edge cybersecurity solutions.
About Intrucept: Ensuring Maritime Security in a Digital Age
As digital threats evolve, Intrucept is at the forefront of cyber security, providing comprehensive protection for maritime operations. From vessel systems to operational networks, we ensure that your fleet stays secure, resilient, and ready for the challenges of tomorrow.
Our solutions are designed to protect against cyberattacks, safeguard sensitive data, and maintain the integrity of vessel operations, all while enhancing overall business efficiency.
Why We’re Joining Forces at METS Trade 2024
At METS Trade 2024, we’ll be showcasing our unique partnership and how combining advanced cybersecurity with innovative engineering can provide unparalleled protection and efficiency for the maritime industry. Together, we are shaping the future of shipping — where digital security and operational excellence go hand in hand.
What You Can Expect from Our Joint Presence at METS 2024
Innovative cybersecurity solutions for shipping operations: Protect your vessels, data, and systems from the growing cyber threat landscape.
State-of-the-art shipping engineering technologies: Learn how we can optimize vessel performance, enhance fuel efficiency, and ensure compliance with global maritime standards.
Collaborative insights: Our team will be on hand to discuss how we can work together to make your operations safer, smarter, and more sustainable.
We invite you to visit our booth at METS Trade 2024 to explore how our solutions can help future-proof your business, improve operational resilience, and safeguard your digital infrastructure.
Details:
Event: METS Trade 2024
Dates: November 19-21, 2024
Location: Amsterdam RAI, Amsterdam, Netherlands
We look forward to meeting you and discussing how we can drive innovation, security, and efficiency in your maritime operations.