Global Market

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

BrandPost

  • CVE-2025-59470 (with a CVSS rating of 9) permits a Backup or Tape Operator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious interval or order parameter;
  • CVE-2025-59469 (with a severity rating of seven.2) permits a Backup or Tape Operator to write down information as root;
  • CVE-2025-55125 (with a severity rating of seven.2) permits a Backup or Tape Operator to carry out distant code execution (RCE) as root by making a malicious backup configuration file;
  • CVE-2025-59468 (with a severity rating of 6.7) permits a Backup Administrator to carry out distant code execution (RCE) because the Postgres consumer by sending a malicious password parameter.

The patch to model 13.0.1.1071 will probably be an “simple set up” that gained’t be disruptive, Vanover mentioned. As of Tuesday afternoon, Veeam hadn’t acquired reviews of exploitation, he added.

“The excellent news is, if a Veeam server is damaged, we will create a brand new server immediately – presumably with this patch put in – import the backups and stick with it. The core knowledge is totally unimpacted by this,” Vanover mentioned. “The worst sort of factor can be the [backup] surroundings isn’t working proper or the Postgres database is tousled on the Veeam server, so jobs may not behave in a method one may count on.”

In these instances, admins utilizing the Veeam One monitoring administration suite would get an alert if, for instance, a job was unable to hook up with the backup server or backup jobs had been failing.

The 4 vulnerabilities being patched are much less extreme than some as a result of an attacker, inner or exterior, would want legitimate credentials for the three particular roles, famous Johannes Ullrich, dean of analysis on the SANS Institute.

See also  PowerStore 2026: smarter storage, stronger security, unified files

Then again, he added, backup programs like Veeam are targets for attackers, specifically those that inject ransomware, who usually try and erase backups.

“Backup programs must be repeatedly audited to make sure that entry rights, resembling these talked about on this vulnerability, are correctly managed and solely accessible to customers who really need them,” he mentioned. “Authentication credentials must be reviewed to make sure they adjust to the respective requirements.”

Source link

TAGGED: , , , , , , , , , ,
Share This Article
Previous Article Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment Nous Research's NousCoder-14B is an open-source coding model landing right in the Claude Code moment
Next Article Laser breakthrough brings 2D materials closer to chip factories Laser breakthrough brings 2D materials closer to chip factories
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Trusted Source for Accurate and Timely Updates!

Our commitment to accuracy, impartiality, and delivering breaking news as it happens has earned us the trust of a vast audience. Stay ahead with real-time updates on the latest events, trends.
- Advertisement -
Ad image

Popular Posts

Industry solutions & real result

The push towards enterprise AI transformation gained important momentum on the current Huawei Cloud Business

Brandt Information Services Receives Equity Investment From Providence Equity Partners

Brandt Information Services, a Tallahassee, FL-based supplier of outside leisure know-how platforms, obtained an funding

OVHcloud introduces bare metal 2026 server line

OVHcloud has introduced the discharge of its new Naked Steel 2026 vary, representing an replace

SuperX Unveils XN9160-B200 AI Server Powered by NVIDIA B200 GPUs

SuperX has introduced the discharge of the SuperX XN9160-B200 AI Server, its latest flagship product.

Knowledge workers are leaning on generative AI as their workloads mount

People are struggling at work, in keeping with a new report from Wrike. It discovered