AI description
CVE-2025-23114 is a vulnerability found in the Veeam Updater component across several Veeam backup products. An attacker could exploit this vulnerability through a Man-in-the-Middle (MitM) attack, potentially gaining the ability to execute arbitrary code with root-level permissions on the targeted server. Affected products include Veeam Backup for Salesforce (versions 3.1 and older), Nutanix AHV (versions 5.0 and 5.1), AWS (versions 6a and 7), Microsoft Azure (versions 5a and 6), Google Cloud (versions 4 and 5), and Oracle Linux/Red Hat Virtualization (versions 3, 4.0, and 4.1). Veeam has released updates to address this vulnerability, and users are strongly encouraged to update their software immediately.
- Description
- A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate.
- Source
- support@hackerone.com
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
#Vulnerability #CVE202523114 CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution https://t.co/XnOfWvNQZu
@Komodosec
6 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Man-in-the-Middle Attack Risk: Veeam Urges Urgent Patching for CVE-2025-23114 https://t.co/B8Ml1VxF4Z Overview Veeam has issued a security update to address a critical vulnerability (CVE-2025-23114) affecting its Veeam Updater component. This flaw allows attackers to execute…
@f1tym1
13 Feb 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🌐 Bulletin d'actualité – 11 février 2025 🔗 Lire ici : https://t.co/OPpKGSyalB 🔒 Vulnérabilités : - Jour-0 Apple corrigée (CVE-2025-24200) désactive la sécurité USB. - Veeam Backup (CVE-2025-23114) ciblé par des attaques MITM. - SonicWall (CVE-2025-23006) permet RCE avant… htt
@CERT_Illicium
11 Feb 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam users: Patch now to mitigate a critical Man-in-the-Middle attack risk (CVE-2025-23114). Don’t let attackers exploit this vulnerability. Full details: https://t.co/MfJclMmqpZ #CyberSecurity #Veeam #PatchNow #CVE202523114 #InfoSec
@adriananglin
10 Feb 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-23114
@transilienceai
10 Feb 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-23114
@transilienceai
9 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-23114
@transilienceai
9 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
برای Veeam Backup آسیب پذیری با کد شناسایی CVE-2025-23114 منتشر شده است که به هکرها امکان اجرای کد یا همان RCE را می دهد و به هکرها امکان استفاده از mitm برای اجرای کد را می دهد . برای پیشگیری و مقابله با این تهدید به روز رسانی لازم را اعمال نمایید. https://t.co/Poz3aKY03t https
@AmirHossein_sec
8 Feb 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Patch Veeam Updater to Fix Critical MitM ACE Flaw (CVE-2025-23114) https://t.co/MTrPWHQkLA #patchmanagement
@eyalestrin
8 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution 📊 32K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/rGqjR1ApEm 👇Query HUNTER : https://t.co/q9rtuGfZuz="Veeam Backup"… https://t.co/v7F
@HunterMapping
8 Feb 2025
2747 Impressions
15 Retweets
42 Likes
14 Bookmarks
6 Replies
0 Quotes
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack. The vulnerability within the Veeam Updater component is tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0. https://t.co/wXNSVoIywt https://t.co/X3fQ0PeO1Y
@riskigy
7 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-23114
@transilienceai
7 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📢 CiberSeguridad en menos de 5 minutos 🔴 CISA emite 9 alertas de seguridad: Vulnerabilidades críticas en infraestructura de control industrial (ICS) ponen en riesgo sistemas estratégicos. 🛑 Vulnerabilidad en Veeam Backup: La falla CVE-2025-23114 permite ataques… https://t.co/
@Seifreed
6 Feb 2025
5954 Impressions
15 Retweets
126 Likes
26 Bookmarks
0 Replies
2 Quotes
Actively exploited CVE : CVE-2025-23114
@transilienceai
6 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Critical Veeam Vulnerability Alert! 🚨 A new flaw (CVE-2025-23114) allows arbitrary code execution via Man-in-the-Middle attacks. Affects multiple Veeam products with a CVSS score of 9.0/10. Update immediately to secure your systems! 🔐 Read Now: https://t.co/NQ05Wpsjbe
@cybrhoodsentinl
5 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23114 Impacts Veeam Backup #VeeamBackup #CVE-2025-23114 #RCE https://t.co/9ZcNGTNrZE
@pravin_karthik
5 Feb 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
شناسایی آسیب پذیری بحرانی (CVE-2025-23114) در Veeam Backup #Cyber_Security_News #اخبار_امنیت_سایبری #CVE_2025_23114 #Man_in_the_Middle https://t.co/DIRrx4ccmL
@vulnerbyte
5 Feb 2025
25 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-23114, CVSS 9.0) in Veeam products could allow remote code execution via Man-in-the-Middle attacks. Users must act quickly to secure their systems. #Veeam #RemoteAccess #USA link: https://t.co/Pd3kqPT1Ev https://t.co/dULEnqxPd5
@TweetThreatNews
5 Feb 2025
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛑 Security Alert for Veeam Users! CVE-2025-23114 has a CVSS score of 9.0. This new critical Man-in-the-Middle attack could allow hackers to execute arbitrary code on your servers. ✅ Fix is Available! Check out the details here: https://t.co/hCFQUCrZJk
@TheHackersNews
5 Feb 2025
10254 Impressions
38 Retweets
67 Likes
6 Bookmarks
0 Replies
0 Quotes
CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution https://t.co/HGdg4EJCLp
@samilaiho
5 Feb 2025
1335 Impressions
4 Retweets
22 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Critical Veeam Vulnerability (CVE-2025-23114) ⚠️ Remote Code Execution risk 🔓 Unpatched systems exposed to attackers 🛡️ Urgent patching required Stay ahead of this critical flaw with SOCRadar’s latest analysis. 📖 Read more: https://t.co/IayUY8HEN1 #CyberSecurity #Veeam…
@socradar
5 Feb 2025
140 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Veeam Backupに重大(Critical)な脆弱性。CVE-2025-23114はCVSSスコア9.0で、遠隔コード実行の脆弱性。アップデート時に中間者攻撃が可能となるもので、潜在的にはroot権限が奪取される可能性。修正済み。 https://t.co/LAblFW2cob
@__kokumoto
5 Feb 2025
1382 Impressions
5 Retweets
15 Likes
2 Bookmarks
0 Replies
0 Quotes
Veeam Updaterに存在する脆弱性CVE-2025-23114 CVSS9.0 Critical 攻撃者がMan-in-the-Middle攻撃を利用して、root権限で任意のコードを実行できる可能性があります。影響を受けるのは古いバージョンの Veeam Backup アプライアンス、自動アップデートが有効であれば、基本的には対応不要です。 https://t.co/36rZVMmIL5
@t_nihonmatsu
5 Feb 2025
277 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
0 Quotes
🚨🚨CVE-2025-23114 (CVSS: 9) : Critical Veeam Backup Vulnerability Enables Remote Code Execution ⚠️This vulnerability allows attackers to perform a Man-in-the-Middle (MitM) attack, potentially gaining root-level permissions on affected appliance servers. ZoomEye Dork👉app="Veeam
@zoomeye_team
5 Feb 2025
458 Impressions
2 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-23114 (CVSS 9.0): Critical Veeam Backup Vulnerability Enables Remote Code Execution https://t.co/mEsoctNwsH
@Dinosn
5 Feb 2025
6784 Impressions
53 Retweets
108 Likes
44 Bookmarks
0 Replies
1 Quote
CVE-2025-23114 A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to … https://t.co/61isNwiuKT
@CVEnew
5 Feb 2025
504 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-23114: CRITICAL] Critical vulnerability in Veeam Updater component enables Man-in-the-Middle attacks, allowing execution of malicious code due to TLS certificate validation failure. #CyberSecurity#cybersecurity,#vulnerability https://t.co/Ts3swk9MeH https://t.co/WCQfREh
@CveFindCom
5 Feb 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23114 A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code on the affected appliance server with root-level permissions. https://t.co/8j55MknymW @VeeamVanguard @VeeamCommunity #mvpbuzz
@GoodDealMart
4 Feb 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23114 A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code on the affected appliance server with root-level permissions https://t.co/NJDuUEVmy7 @VeeamVanguard @VeeamCommunity #mvpbuzz h
@SifuSun
4 Feb 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes