[Vulnerability Alert] Two Major Security Vulnerabilities Found in Veeam Backup and Replication Software

• Subject: [Vulnerability Alert] Two Major Security Vulnerabilities Found in Veeam Backup and Replication Software

• Content:
  • Forwarded from Taiwan Computer Network Emergency Response Team/Coordination Center TWCERTCC-200-202510-00000005
  • Veeam Backup and Replication is Veeam's core backup software. Veeam recently issued a major security vulnerability advisory.
  • [CVE-2025-48983, CVSS: 9.9] This vulnerability exists in the Mount Service of Veeam Backup and Replication, allowing a domain-authenticated user to execute remote code on the backup infrastructure host.
  • [CVE-2025-48984, CVSS: 9.9] This vulnerability allows a domain-authenticated user to execute remote code on the backup server.
• Affected Platforms:
  • Veeam Backup and Replication versions prior to or including 12.3.2.3617
• Recommended Action:
  • Update to Veeam Backup and Replication version 12.3.2.4165 or later
• References:
  • https://www.twcert.org.tw/tw/cp-169-10443-f096d-1.html

Computer and Communications Center
Network Systems Group