CVE-2023-27532
Published Mar 10, 2023
Last updated 4 months ago
- Description
- Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
- Source
- support@hackerone.com
- NVD status
- Analyzed
- Products
- veeam_backup_\&_replication
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
- Exploit added on
- Aug 22, 2023
- Exploit action due
- Sep 12, 2023
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
JobTwo from @vulnlab_eu now on @hackthebox_eu is the sequel to Job from @vulnlab_eu. Phishing with Word macros, hMailServer database decryption with a known Blowfish key, password cracking, and CVE-2023-27532 in Veeam Backup & Replication for SYSTEM. https://t.co/VSDlJuoP9a
@0xdf_
27 Jan 2026
1541 Impressions
8 Retweets
37 Likes
7 Bookmarks
0 Replies
0 Quotes
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2022-41352 (Zimbra Zimbra C..) +16.52% - CVE-2019-5591 (Forti
@DefusedCyber
29 Sept 2025
33921 Impressions
50 Retweets
256 Likes
138 Bookmarks
3 Replies
2 Quotes
Actively exploited CVE : CVE-2023-27532
@transilienceai
24 Sept 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2015-2291 (IQVW32.sys (BYO..) +22.80% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2021-27876 (Verit
@DefusedCyber
22 Sept 2025
10416 Impressions
13 Retweets
89 Likes
63 Bookmarks
1 Reply
1 Quote
New IOC Alert → From SharePoint Vulnerability Exploit to Enterprise Ransomware. ■ Adversary: Warlock ■ Indicator: CVE-2023-27532
@CTI131
20 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2023-27532
@transilienceai
19 Jun 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Estensioni VSCode e backdoor Betruger RansomHub facilitano i ransomware Sicurezza Informatica, ahban.shiba, backdoor modulare, Betruger, CVE-2023-27532, cybercrime, estensioni malevole, RansomHub, Ransomware, ReversingLabs, supply chain attack, VSCode https://t.co/MJr5n6KdKA http
@matricedigitale
21 Mar 2025
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
履歴書を餌としたTA4557/FIN6によるフィッシング事例。The DFIR Report報告。ie4uinit.exeやmsxsl.exe等のLOLBin(現地調達型攻撃に使えるバイナリ)を用いてmore_eggsマルウェアを実行。CVE-2023-27532でVeeamサーバを攻撃。CloudflaredをインストールしRDPをトンネリング。 https://t.co/RPvWeF6Nog
@__kokumoto
2 Dec 2024
405 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
#Akira #Ransomware DLS is online again. hxxps://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/ Their favorite vulnerabilities used in different breaches are: CVE-2023-27532, CVE-2024-37085 https://t.co/ep1WtMrFtF
@ShanHolo
11 Nov 2024
541 Impressions
4 Retweets
10 Likes
2 Bookmarks
0 Replies
0 Quotes
#Vulnerability #CVE202327532 Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure https://t.co/f8ktLVN2bs
@Komodosec
27 Oct 2024
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD9FAE2-4E62-41AC-85EC-5793FD30A3AD",
"versionEndExcluding": "11.0.1.1261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:11.0.1.1261:-:*:*:*:*:*:*",
"matchCriteriaId": "EC28D606-0A9B-46E5-A88C-8041357979DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:11.0.1.1261:p20211123:*:*:*:*:*:*",
"matchCriteriaId": "8158D6BC-2041-4600-B935-AD928621D987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:11.0.1.1261:p20211211:*:*:*:*:*:*",
"matchCriteriaId": "54A5147A-341A-4790-AAA8-DF2648423C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:11.0.1.1261:p20220302:*:*:*:*:*:*",
"matchCriteriaId": "0F5A2E58-F9C3-4A65-A83B-C86C970A01D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:12.0.0.1420:-:*:*:*:*:*:*",
"matchCriteriaId": "CA570EC1-4A95-4AD3-8E8C-087769F95F02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]