- VEEAM finds safety bugs distressing a number of its products
- The bug allows threats to execute arbitrary orders
- Correctives are already available, users are therefore invited to update now
Several VEEAM safeguard products have been found bearing a vulnerability of critical gravity which allowed the malicious actors to execute arbitrary orders on compromise termination criteria.
The company said that vulnerability had been discovered in the VEEAM UPDATER component, allowing threat actors to execute attacks by men in the environment (MITM), performing arbitrary codes with authorizations at the root level. It is now followed as CVE-2025-23114 and is delivered with a gravity score of 9.0 / 10 (critic).
Multiple products are vulnerable, including Veeam Backup for Salesforce (3.1 and more), for Nutanix Ahv (5.0 and 5.1), for AWS (6a and 7), for Microsoft Azure (5A and 6), for Google Cloud (4 and 5) and Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization (3, 4.0 and 4.1).
Patchs and risks
The fixes are already available, it is therefore advisable for users to update their products to the latest version to mitigate the potential risks. A full list of fixes can be found on this link.
VEEAM also pointed out that everyone is not vulnerable: “If a deployment of backup and replication VEEAM does not protect AWS, Google Cloud, Microsoft Azure, Nutanix Ahv or Oracle Linux VM / Red Hat Virtualization, such deployment n ‘is not affected by vulnerability, “he said.
VEEAM solutions are popular among SMEs and businesses, and as such are often targeted. In mid-October of last year, researchers warned against cybercriminals abusing vulnerability in Veeam Backup & Replication, followed as CVE-2024-40711. This bug allowed them to create a local account that they then used to deploy two ransomware variants: fog and Akira.
The researchers observed a handful of attempts to attack. Administrators were advised to switch to the latest version to mitigate the risk of operating.
Via The Hacker News
