- CVE-2025-59470 (with a CVSS rating of 9) permits a Backup or Tape Operator to carry out remote code execution (RCE) as the Postgres user by sending a malicious interval or order parameter;
- CVE-2025-59469 (with a severity rating of 7.2) permits a Backup or Tape Operator to write files as root;
- CVE-2025-55125 (with a severity rating of 7.2) permits a Backup or Tape Operator to carry out remote code execution (RCE) as root by creating a malicious backup configuration file;
- CVE-2025-59468 (with a severity rating of 6.7) permits a Backup Administrator to carry out remote code execution (RCE) as the Postgres user by sending a malicious password parameter.
The patch to version 13.0.1.1071 will probably be an “easy install” that won’t be disruptive, Vanover said. As of Tuesday afternoon, Veeam hadn’t received reports of exploitation, he added.
“The good news is, if a Veeam server is broken, we can create a new server right away – presumably with this patch installed – import the backups and carry on. The core data is completely unimpacted by this,” Vanover said. “The worst kind of thing would be the [backup] environment isn’t working right or the Postgres database is messed up on the Veeam server, so jobs might not behave in a way one might expect.”
In those cases, admins using the Veeam ONE monitoring management suite would get an alert if, for example, a job was unable to connect to the backup server or backup jobs were failing.
The four vulnerabilities being patched are less severe than some because an attacker, internal or external, would need valid credentials for the three specific roles, noted Johannes Ullrich, dean of research at the SANS Institute.
On the other hand, he added, backup systems like Veeam are targets for attackers, particularly those who inject ransomware, who often try to erase backups.
“Backup systems should be regularly audited to ensure that access rights, such as those mentioned in this vulnerability, are properly managed and only accessible to users who actually need them,” he said. “Authentication credentials should be reviewed to ensure they comply with the respective standards.”
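The audit Ullrich describes can be scripted. The following is an added example, not code from the article or from Veeam: it takes a list of role assignments (constructed sample data here; in practice you would export it from the backup server's console or API), checks the three roles named above against an approved holder list you maintain, and flags broad groups and accounts that have not logged in recently. The `RoleAssignment` fields, the `BROAD_GROUPS` set and the 90-day idle threshold are assumptions for the example.

```python
"""Least-privilege audit of backup-server role assignments (constructed example)."""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Set, Tuple

# The roles the four CVEs above can be abused from; anything else is out of scope here.
PRIVILEGED_ROLES = {"Backup Administrator", "Backup Operator", "Tape Operator"}

# Broad groups that should never hold a privileged backup role (assumed naming).
BROAD_GROUPS = {"Everyone", "Authenticated Users", "Domain Users", "Users"}

Finding = Tuple[str, str, str, str]  # (severity, principal, role, reason)


@dataclass(frozen=True)
class RoleAssignment:
    principal: str             # e.g. "CORP\\alice" or "CORP\\Domain Users" (assumed format)
    role: str
    last_login: Optional[date]  # None: no login recorded since the role was granted


def audit_assignments(assignments: List[RoleAssignment],
                      approved: Dict[str, Set[str]],
                      today: date,
                      max_idle_days: int = 90) -> List[Finding]:
    """Return findings for privileged roles held outside the approved list,
    by broad groups, or by accounts idle longer than max_idle_days."""
    findings: List[Finding] = []
    for a in assignments:
        if a.role not in PRIVILEGED_ROLES:
            continue
        short_name = a.principal.split("\\")[-1]
        if short_name in BROAD_GROUPS:
            # A whole group holding the role defeats "only users who need it".
            findings.append(("HIGH", a.principal, a.role, "broad group holds privileged role"))
            continue
        if a.principal not in approved.get(a.role, set()):
            findings.append(("HIGH", a.principal, a.role, "principal not on approved list"))
        if a.last_login is None or (today - a.last_login).days > max_idle_days:
            findings.append(("MEDIUM", a.principal, a.role,
                             f"no login in {max_idle_days} days"))
    return sorted(findings)


# Constructed sample data: one stale contractor and one group grant slipped in.
SAMPLE_ASSIGNMENTS = [
    RoleAssignment("CORP\\bkp-admin-alice", "Backup Administrator", date(2025, 12, 1)),
    RoleAssignment("CORP\\bkp-op-bob", "Backup Operator", date(2025, 11, 20)),
    RoleAssignment("CORP\\contractor-old", "Tape Operator", date(2025, 3, 2)),
    RoleAssignment("CORP\\Domain Users", "Backup Operator", None),
    RoleAssignment("CORP\\viewer-carol", "Backup Viewer", date(2025, 12, 5)),
]

# The approved holders per role, maintained by the backup team (assumed).
APPROVED = {
    "Backup Administrator": {"CORP\\bkp-admin-alice"},
    "Backup Operator": {"CORP\\bkp-op-bob"},
    "Tape Operator": set(),
}

TODAY = date(2025, 12, 10)  # fixed so the sample output is reproducible


if __name__ == "__main__":
    for severity, principal, role, reason in audit_assignments(SAMPLE_ASSIGNMENTS, APPROVED, TODAY):
        print(f"{severity:6} {principal:25} {role:22} {reason}")
```

Run against the sample data it reports the group grant on Backup Operator and the contractor's Tape Operator role twice (unapproved and idle), while the two approved, active accounts and the non-privileged viewer produce nothing. Feeding it a fresh export on a schedule, and diffing the output against the previous run, turns the periodic audit Ullrich recommends into a repeatable check.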
