Global Market

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

BrandPost

  • CVE-2025-59470 (with a CVSS rating of 9) permits a Backup or Tape Operator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious interval or order parameter;
  • CVE-2025-59469 (with a severity rating of seven.2) permits a Backup or Tape Operator to write down information as root;
  • CVE-2025-55125 (with a severity rating of seven.2) permits a Backup or Tape Operator to carry out distant code execution (RCE) as root by making a malicious backup configuration file;
  • CVE-2025-59468 (with a severity rating of 6.7) permits a Backup Administrator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious password parameter.

The patch to model 13.0.1.1071 will probably be an “simple set up” that gained’t be disruptive, Vanover mentioned. As of Tuesday afternoon, Veeam hadn’t acquired reviews of exploitation, he added.

“The excellent news is, if a Veeam server is damaged, we will create a brand new server immediately – presumably with this patch put in – import the backups and stick with it. The core knowledge is totally unimpacted by this,” Vanover mentioned. “The worst sort of factor can be the [backup] surroundings isn’t working proper or the Postgres database is tousled on the Veeam server, so jobs may not behave in a method one may count on.”

In these instances, admins utilizing the Veeam One monitoring administration suite would get an alert if, for instance, a job was unable to hook up with the backup server or backup jobs had been failing.

The 4 vulnerabilities being patched are much less extreme than some as a result of an attacker, inner or exterior, would want legitimate credentials for the three particular roles, famous Johannes Ullrich, dean of analysis on the SANS Institute.

See also  Remote work keeps driving network innovation

Then again, he added, backup programs like Veeam are targets for attackers, specifically those that inject ransomware, who usually try and erase backups.

“Backup programs must be repeatedly audited to make sure that entry rights, resembling these talked about on this vulnerability, are correctly managed and solely accessible to customers who really need them,” he mentioned. “Authentication credentials must be reviewed to make sure they adjust to the respective requirements.”

Source link

TAGGED: , , , , , , , , , ,
Share This Article
Previous Article Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment
Next Article Laser breakthrough brings 2D materials closer to chip factories Laser breakthrough brings 2D materials closer to chip factories
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Trusted Source for Accurate and Timely Updates!

Our commitment to accuracy, impartiality, and delivering breaking news as it happens has earned us the trust of a vast audience. Stay ahead with real-time updates on the latest events, trends.
- Advertisement -
Ad image

Popular Posts

MariaDB Foundation CEO on Database Future, MySQL, AI, and Hetzner’s Role

Kaj Arnö, CEO of MariaDB Basis, shares insights on the inspiration’s mission to assist open-source

Enhancing open-source AI and improving data governance

Forward of AI & Huge Information Expo Europe, AI Information caught up with Ivo Everts,

Skylo Technologies secures $37 million in funding round led by tech industry heavyweights

Skylo Applied sciences, a satellite tv for pc connectivity service supplier, secures $37 million in

Google No Longer Has a Chief Privacy Officer. Should You Follow Suit?

On June 4, Reuters reported that Google’s chief privateness officer is departing after 13 years on

AI can’t fix a broken NetOps practice

Knowledge assortment errors, inconsistent knowledge formatting points throughout distributors, knowledge storage points, and community monitoring