CVE-2025-23120

Published Mar 20, 2025

Last updated 15 days ago

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-23120 is a vulnerability in Veeam Backup & Replication software that allows remote code execution (RCE) by authenticated domain users. It affects version 12.3.0.310 and all earlier version 12 builds. The vulnerability was discovered by Piotr Bazydlo of watchTowr. The vulnerability exists because of uncontrolled deserialization within the Veeam codebase. Specifically, it can be exploited by any user who belongs to the local users group on the Windows host of the Veeam server, or by any domain user if the server is joined to the domain. Veeam has addressed this flaw in Veeam Backup & Replication 12.3.1 (build 12.3.1.1139), and organizations are urged to apply the patch immediately.

Description: A vulnerability allowing remote code execution (RCE) for domain users.
Source: support@hackerone.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 9.9
Impact score: 6
Exploitability score: 3.1
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-502

Social media

Hype score: Not currently trending

  1. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    15 Apr 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. One of these things is not like the other- all cover the 2 Rockwell products with Veeam impacted by CVE-2025-23120 UK NHS Digital says PoC available, Cyble says PoC available https://t.co/Cg7SjORzCz https://t.co/ZbWoKdQ8tK https://t.co/gztWRoxXT0 https://t.co/tCoIttwTY7

    @cyber_megan

    11 Apr 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  3. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    8 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. #CVE #Exploit #redteam CVE ID: CVE-2025-23120 System: Veeam Backup & Replication Type: RCE Exploit: Veeam Backup & Replication 12.3.0.310 & All earlier version 12 builds. More Info: https://t.co/1jATzgant2 Poc: https://t.co/KnZda9yhvV

    @ksg93rd

    5 Apr 2025

    1667 Impressions

    6 Retweets

    27 Likes

    17 Bookmarks

    0 Replies

    0 Quotes

  5. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    30 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. Our crew members @mwulftange & @frycos discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam's blacklist for CVE-2024-40711 & CVE-2025-23120 as well as further entry points following @SinSinology & @chudyPB's blog. Don’t blacklist, replace

    @codewhitesec

    28 Mar 2025

    4737 Impressions

    20 Retweets

    69 Likes

    12 Bookmarks

    0 Replies

    2 Quotes

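  7. Veeam Backup & Replication vulnerability CVE-2025-23120 (CVSS 9.9) fixed: risk of RCE https://t.co/czzXN0hPhG A serious RCE vulnerability in VBR has been fixed. Vulnerabilities in this product are frequently seen being exploited in practice. Teams using it should consider updating promptly. よ #CVE202523120 #VBR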

    @iototsecnews

    28 Mar 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    28 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    27 Mar 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  10. 🚨 A critical vulnerability exists in Veeam Backup & Replication software (CVE-2025-23120). Please see the @ncsc_gov_ie advisory for more info: https://t.co/izXHa9KHVh

    @ncsc_gov_ie

    26 Mar 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Critical flaw at Veeam! A vulnerability (CVE-2025-23120) in Backup & Replication (v12.3 & earlier) allows remote attacks. Fixed on 23/03/25 If your server is on a domain, danger! Update..., ransomware loves this. #Cybersecurite #VeeamPa

    @ECSI_MA

    24 Mar 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 Remote code execution in Veeam Severity 5 - Critical Veeam Backup & Replication 12.3.0.310 and all builds prior to version CVE-2025-23120 https://t.co/vvW1fme6g1 https://t.co/O3ar3H0JD0

    @elhackernet

    24 Mar 2025

    4618 Impressions

    20 Retweets

    52 Likes

    17 Bookmarks

    0 Replies

    0 Quotes

  13. A vulnerability allowing remote code execution (CVE-2025-23120) has arisen in Veeam's Veeam Backup & Replication. A patch has been released, so we recommend applying it promptly. #セキュリティ対策Lab #セキュリティ #Security https://t.co/3Cxk4ysciC

    @securityLab_jp

    24 Mar 2025

    24 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 Critical patch alert! CVE-2025-23120 in Veeam Backup & Replication allows domain users to execute arbitrary code. High impact, medium probability. Update now to secure your systems! #CVE-2025-23120 #Cybersecurity https://t.co/hx5y5pX8ly

    @RedTeamNewsBlog

    24 Mar 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) - Help Net Security https://t.co/cAYbV7WZCR

    @PVynckier

    23 Mar 2025

    106 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    23 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  17. Two major vendors just patched remote code execution flaws—update NOW before attackers exploit them. 🔴 Veeam Backup (CVE-2025-23120, 9.9/10) ➡️ Affects v12.3.0.310 & earlier ➡️ Allows RCE by authenticated users ➡️ Fixed in v12.3.1 (12.3.1.1139) 🔴 IBM AIX (CVE-2024-56346 &

    @achi_tech

    22 Mar 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. A new vulnerability with the identifier CVE-2025-23120 has been published for the Veeam Backup product. Versions 12, 12.1, 12.2, 12.3 have this vulnerability. To prevent and counter this threat, update to version 12.3.1. https://t.co/Poz3aKY03t https://t.co/LxuM9PrRTB

    @AmirHossein_sec

    22 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

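  19. [Critical vulnerability in Veeam backup software, urgent update recommended] A serious remote code execution (RCE) vulnerability (CVE-2025-23120) has been discovered in Veeam's backup product. Because it allows remote control by attackers, an immediate update to the latest version is recommended. https://t.co/JsqJENT8Zf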

    @StudySEC_Site

    22 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    22 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🚨 Urgent Update: Veeam and IBM have released patches for critical vulnerabilities in their software. Veeam’s flaw (CVE-2025-23120) allows remote code execution, with a CVSS score of 9.9, affecting versions 12.3.0.310 and earlier.

    @fynn_JourX

    22 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  22. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  23. Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. https://t.co/0acQkeqcaW https:/

    @riskigy

    21 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. Veeam patched the critical CVE-2025-23120 vulnerability in Backup & Replication affecting domain-joined installations. Disclosed recently, it enabled remote code execution. Fixed in version 12.3.1, it allows exploitation by any domain user on impacted setups. #Security https:

    @Strivehawk

    21 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 📰 Latest News: Veeam fixed critical Backup & Replication flaw CVE-2025-23120 More on: https://t.co/kkULnIkU5q https://t.co/qmaTol5zBU

    @StudiosClancy

    21 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. #Threat_Research 1. Legacy Driver Exploitation Through Bypassing Certificate Verification https://t.co/iFmmZ8D37f 2. Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120) https://t.co/9IZpUK4K4P 3. BMC&C Vulnerabilities https://t.co/5c8ER57kXh

    @ksg93rd

    21 Mar 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Critical Veeam RCE Vulnerability CVE-2025-23120 (CVSS 9.9) allows attackers to execute code remotely in Veeam Backup & Replication. Ransomware gangs often target Veeam — update to version 12.3.1 now to stay protected! https://t.co/4QEzKW1Tr8 #CyberSecurity #RCE #Vulnerabi

    @dCypherIO

    21 Mar 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. We constantly stress the need for immutable or offline backups. Backups are targeted by ransomware groups to limit the ability to restore after an attack. CVE-2025-23120 is an RCE for domain joined #Veeam servers, exploitable by any domain user. https://t.co/Fv4GIh7lgc

    @ct_is

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. We constantly stress the need for immutable or offline backups. Backups are targeted by ransomware groups to limit the ability to restore after an attack. #CVE-2025-23120 is an RCE for domain joined #Veeam servers, exploitable by any domain user. https://t.co/Fv4GIh7lgc

    @ct_is

    21 Mar 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. Veeam RCE bug lets domain users hack backup servers, apply the patch now (CVE-2025-23120) https://t.co/9d7xiDJoTI #Security #セキュリティ #ニュース

    @SecureShield_

    21 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  32. 🚨 Attention IT professionals! A critical RCE vulnerability (CVE-2025-23120) has been found in Veeam's Backup & Replication software, putting domain-joined installations at risk.

    @fynn_JourX

    21 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  33. 🚨 CVE-2025-23120 in #Veeam (CVSS 9.9) lets any domain user run remote code via insecure deserialization. Affects v12.3.0.310 & earlier. Patch to 12.3.1.1139 now! 🛡 Detect threats fast with SOCRadar’s #VulnerabilityIntelligence https://t.co/sFIGTnRgip

    @socradar

    21 Mar 2025

    92 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  34. 🚨 Veeam fixes critical RCE flaw (CVE-2025-23120, CVSS 9.9) in Backup & Replication software. Affects v12.3.0.310 & earlier. Patch now! 🛠️ IBM also releases security updates. 🔗 More details: https://t.co/sWQvmnQOlI #CyberSecurity #InfoSec https://t.co/sWQvmnQOlI

    @SalvadorCloud

    21 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🔒 CVE-2025-23120 (CVSS 9.9): Critical RCE in Veeam Backup 🖥️ Affects v12.3.0.310 & earlier. Patch to v12.3.1🚨. #Cybersecurity #Veeam #Cve Read more: https://t.co/GpRX2ZqB6r https://t.co/HIl2z3IJjY

    @threatsbank

    21 Mar 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 🚨 CVE Alert: Critical Veeam Backup & Replication remote code execution (RCE) Vulnerability 🚨 Vulnerability Details: CVE-2025-23120 (CVSS 9.9/10) Veeam Backup & Replication remote code execution (RCE) Vulnerability Impact: A successful exploit malware allow remote co

    @CyberxtronTech

    21 Mar 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. 🚨 CVE Alert: Critical Veeam Backup & Replication remote code execution (RCE) Vulnerability 🚨 Vulnerability Details: CVE-2025-23120 (CVSS 9.9/10) Veeam Backup & Replication remote code execution (RCE) Vulnerability Impact: A successful exploit malware allow remote co

    @CyberxtronTech

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Critical RCE vulnerability (CVE-2025-23120) in Veeam Backup & Replication allows domain users to exploit backup servers. Patch now to secure your systems! 🛡️ #Veeam #DataProtection #USA link: https://t.co/bqibUvdsOi https://t.co/b07eeJMUlF

    @TweetThreatNews

    21 Mar 2025

    24 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. 🚨 CVE-2025-23120 ⚠️🔴 CRITICAL (9.9) 🏢 Veeam - Backup and Recovery 🏗️ 12.3 🔗 https://t.co/ydTuITplJK #CyberCron #VulnAlert #InfoSec https://t.co/ozA1vuNSbr

    @cybercronai

    21 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

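  40. High-risk security vulnerability found in system backup software Veeam Backup; attackers can easily compromise servers. Veeam Backup & Replication has a high-risk deserialization vulnerability (CVE-2025-23120) affecting older 12.x versions. Attackers can use it to access backup servers and steal or destroy data, or even carry out extortion. Upgrading immediately to version 12.3.1.1139 to fix the vulnerability is recommended. https://t.co/lHGm4K2O9b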

    @buaqbot

    21 Mar 2025

    23 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  41. 📌 Veeam has patched a critical vulnerability in its Backup & Replication software known as CVE-2025-23120, which allows domain users to threaten backup servers. It is important to update the software immediately to protect affected systems. https://t.co/1y4ZxYlQk5

    @Cybercachear

    20 Mar 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. https://t.co/3RF32Ujdg0

    @BleepinComputer

    20 Mar 2025

    11395 Impressions

    50 Retweets

    119 Likes

    26 Bookmarks

    1 Reply

    1 Quote

  43. 🚨 Two major vendors have just patched critical remote code execution (RCE) vulnerabilities. 🔴 Veeam Backup (CVE-2025-23120, 9.9/10) ➡️ Affects v12.3.0.310 and earlier versions ➡️ Allows RCE by authenticated users ➡️ Fixed in v12.3.1… https://t.

    @Cyph3R_CyberSec

    20 Mar 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. Veeam fixed critical Backup & Replication flaw CVE-2025-23120 https://t.co/xeHCfGgNeb

    @hackplayers

    20 Mar 2025

    600 Impressions

    3 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. 🚨 Veeam has released a critical patch for Backup & Replication, addressing a high-risk RCE vulnerability (CVE-2025-23120). Upgrade to version 12.3.1 to secure systems! 🛡️ #Veeam #RemoteCodeExecution #USA link: https://t.co/gtVmKs4ZU3 https://t.co/LvrugKnTSS

    @TweetThreatNews

    20 Mar 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

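  46. [You again] Critical vulnerability in Veeam Backup & Replication. CVE-2025-23120 has a CVSS score of 9.9 and allows remote code execution with authenticated domain user privileges. https://t.co/kgU9Hr6H8g The patch adds specific gadgets to a blocklist, and deserialization gadgets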

    @__kokumoto

    20 Mar 2025

    1982 Impressions

    4 Retweets

    27 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  47. CVE-2025-23120 impacts Veeam Backup #VeeamBackup #CVE-2025-23120 https://t.co/nGsdGD6Zkd

    @pravin_karthik

    20 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. [CVE-2025-23120: CRITICAL] A vulnerability allowing remote code execution (RCE) for domain users.#cybersecurity,#vulnerability https://t.co/3dKAxVFUrn https://t.co/zYOHhjJKEd

    @CveFindCom

    20 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Two major vendors just patched remote code execution flaws—update NOW before attackers exploit them. 🔴 Veeam Backup (CVE-2025-23120, 9.9/10) ➡️ Affects v12.3.0.310 & earlier ➡️ Allows RCE by authenticated users ➡️ Fixed in v12.3.1 (12.3.1.1139) 🔴 IBM AIX (CVE-2024-56346 &

    @TheHackersNews

    20 Mar 2025

    13248 Impressions

    59 Retweets

    121 Likes

    17 Bookmarks

    0 Replies

    1 Quote

  50. 🚨 A critical vulnerability (CVE-2025-23120) with a CVSS score of 9.9 in Veeam Backup & Replication allows remote code execution. Upgrade to version 12.3.1 to stay safe! #Veeam #RemoteCodeExecution #USA link: https://t.co/vEJA54vvz7 https://t.co/6PTwAY1Y7e

    @TweetThreatNews

    20 Mar 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations