Proof-of-Concept Released for Veeam Backup & Replication Vulnerability

Successful exploitation of CVE-2025-23120 could lead to remote code execution

Summary

Successful exploitation of CVE-2025-23120 could lead to remote code execution


Affected platforms

The following platforms are known to be affected:

Threat details

Proof-of-Concept released for CVE-2025-23120

A public proof-of-concept exploit is available for CVE-2025-23120. Exploitation is considered more likely.


Introduction

Veeam has issued a security bulletin addressing a critical vulnerability in their Backup & Replication product. Veeam Backup & Replication is a proprietary backup application for virtual environments built on various hypervisors.

CVE-2025-23120 is a critical vulnerability with a CVSSv4 score of 9.9. Successful exploitation could allow an authenticated, remote attacker to perform remote code execution (RCE), provided the attacker has valid domain privileges.

Note: The critical vulnerability only impacts domain-joined backup servers. Joining a backup server to a domain is against Veeam's Security & Compliance Best Practices.


Remediation advice

Affected organisations are encouraged to review the Veeam Security Bulletin (March 2025) KB4724 and update Veeam Backup & Replication to version 12.3.1 (or above) as soon as practicable. 
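
One way to triage a server inventory against this advisory, as an added example that is not part of the original alert: it flags Veeam Backup & Replication hosts below 12.3.1 and puts domain-joined ones first. The CSV column names, hostnames and build numbers are constructed for illustration.

```python
import csv
import io

FIXED = (12, 3, 1)  # fixed version named in the advisory (12.3.1 or above)

# Constructed sample inventory: hostnames, builds and flags are made up.
SAMPLE_INVENTORY = """hostname,vbr_version,domain_joined
bkp-01,12.3.0.100,yes
bkp-02,12.3.1.200,yes
bkp-03,12.1.2.100,no
bkp-04,11.0.1.100,unknown
bkp-05,,yes
"""

def parse_version(text):
    """Return a tuple of ints, or None when the field is empty or malformed."""
    try:
        return tuple(int(p) for p in text.strip().split("."))
    except ValueError:
        return None

def classify(version_text, domain_joined):
    version = parse_version(version_text)
    if version is None:
        return "check-manually"          # no usable version recorded
    if version >= FIXED:
        return "patched"
    # Below 12.3.1. Anything not explicitly "no" is treated as domain-joined,
    # so an unknown join state is prioritised rather than ignored.
    if domain_joined.strip().lower() != "no":
        return "exposed-patch-first"
    return "update"                      # not domain-joined, still outdated

def triage(csv_text):
    """Map each hostname in the inventory to its triage status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["hostname"]: classify(r["vbr_version"], r["domain_joined"])
            for r in rows}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```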


Definitive source of threat updates


Last edited: 20 March 2025 12:12 pm