Global Market

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

BrandPost

  • CVE-2025-59470 (with a CVSS rating of 9) permits a Backup or Tape Operator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious interval or order parameter;
  • CVE-2025-59469 (with a severity rating of seven.2) permits a Backup or Tape Operator to write down information as root;
  • CVE-2025-55125 (with a severity rating of seven.2) permits a Backup or Tape Operator to carry out distant code execution (RCE) as root by making a malicious backup configuration file;
  • CVE-2025-59468 (with a severity rating of 6.7) permits a Backup Administrator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious password parameter.

The patch to model 13.0.1.1071 will probably be an “simple set up” that gained’t be disruptive, Vanover mentioned. As of Tuesday afternoon, Veeam hadn’t acquired reviews of exploitation, he added.

“The excellent news is, if a Veeam server is damaged, we will create a brand new server immediately – presumably with this patch put in – import the backups and stick with it. The core knowledge is totally unimpacted by this,” Vanover mentioned. “The worst sort of factor can be the [backup] surroundings isn’t working proper or the Postgres database is tousled on the Veeam server, so jobs may not behave in a method one may count on.”

In these instances, admins utilizing the Veeam One monitoring administration suite would get an alert if, for instance, a job was unable to hook up with the backup server or backup jobs had been failing.

The 4 vulnerabilities being patched are much less extreme than some as a result of an attacker, inner or exterior, would want legitimate credentials for the three particular roles, famous Johannes Ullrich, dean of analysis on the SANS Institute.

See also  Entuity Software V23.0 adds remote agents and streaming telemetry

Then again, he added, backup programs like Veeam are targets for attackers, specifically those that inject ransomware, who usually try and erase backups.

“Backup programs must be repeatedly audited to make sure that entry rights, resembling these talked about on this vulnerability, are correctly managed and solely accessible to customers who really need them,” he mentioned. “Authentication credentials must be reviewed to make sure they adjust to the respective requirements.”

Source link

TAGGED: , , , , , , , , , ,
Share This Article
Previous Article Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment
Next Article Laser breakthrough brings 2D materials closer to chip factories Laser breakthrough brings 2D materials closer to chip factories
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Trusted Source for Accurate and Timely Updates!

Our commitment to accuracy, impartiality, and delivering breaking news as it happens has earned us the trust of a vast audience. Stay ahead with real-time updates on the latest events, trends.
- Advertisement -
Ad image

Popular Posts

Is investment in AI a waste of time?

Paul Moxon, VP of Information Structure & Chief Evangelist at Denodo, argues that knowledge is

Zoca Raises $6M in Funding

Zoca founders Ashish Verma and Robin Chauhan. Zoca, a Phoenix, AZ-based supplier of an AI-first

Amazon Plans Data Center on Pickaway County Farmland

Pickaway County – In 2023 Ohio Governor Mike DeWine and Lt. Governor Jon Husted introduced

Stable Sea Raises $3.5M in Funding

Stable Sea, a San Francisco, CA-based stablecoin liquidity and orchestration firm, raised $3.5M in funding. The spherical

Anthropic’s Computer Use mode shows strengths and limitations in new study

Be part of our each day and weekly newsletters for the newest updates and unique