[VULNERABILITY ALERT] Veeam Backup & Replication Backup Software Contains a Critical Security Vulnerability (CVE-2025-59470)

• Subject: [VULNERABILITY ALERT] Veeam Backup & Replication Backup Software Contains a Critical Security Vulnerability (CVE-2025-59470)

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202601-00000004
  • Veeam Backup & Replication is the core backup software of Veeam. Recently, Veeam released a critical security vulnerability announcement. This vulnerability (CVE-2025-59470, CVSS: 9.0) allows a Backup or Tape Operator to send malicious interval or order parameters to execute remote code execution (RCE) as the postgres user.
• Affected Platforms:
  • Veeam Backup & Replication version 13.0.1.180 (inclusive) and earlier version 13 releases
• Recommended Actions:
  • Update Veeam Backup & Replication to version 13.0.1.1071 (inclusive) or later
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-169-10618-1b9d3-1.html

Computer and Communication Center
Network Systems Division, Respectfully