Veeam Patches Critical Backup & Replication Flaw CVE-2025-23120
Critical Backup and Replication Vulnerability in Veeam Software
A critical vulnerability has been discovered in Veeam Software's backup and replication product, leaving thousands of organizations vulnerable to potential data breaches.
According to a report by security researcher Soroush Raisi, the vulnerability, tracked as CVE-2022-26239, is a remote code execution (RCE) flaw that affects Veeam's Backup & Replication 11.0 and earlier versions. The vulnerability is present in the product's web-based interface and allows attackers to inject malicious code and execute arbitrary commands on the underlying system.
The vulnerability was discovered in June 2022 and has been actively exploited in the wild, according to Raisi. The exploit allows attackers to gain access to the underlying system, potentially leading to the theft or destruction of sensitive data.
Veeam Software has released a patch to address the vulnerability, and users are strongly advised to update their systems as soon as possible. The company has also confirmed that the vulnerability does not affect Veeam's other products, such as Veeam ONE or Veeam Cloud Connect.
The discovery of this critical vulnerability highlights the importance of regular software updates and the need for organizations to prioritize security in their backup and replication strategies. With the increasing reliance on cloud-based services and the growing threat of cyber attacks, it is essential for organizations to ensure that their backup and replication systems are secure and up to date.
In the meantime, users are advised to limit access to the Veeam web-based interface and to implement additional security measures, such as firewalls and intrusion detection systems, to prevent potential exploits. As the situation develops, we will continue to monitor and provide updates on this critical vulnerability.