CVE-2025-23120

Published Mar 20, 2025

Last updated a year ago

CVSS high 8.8
Veeam

Overview

Description
A vulnerability allowing remote code execution (RCE) for domain users.
Source
support@hackerone.com
NVD status
Analyzed
Products
veeam_backup_\&_replication

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 3.0

Type
Secondary
Base score
9.9
Impact score
6
Exploitability score
3.1
Vector string
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-502

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

8

  1. ✒️ Banning Blacklists: Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120) Blog: https://t.co/J5L0yUPyLs #infosec https://t.co/HlLmUkPvQU

    @mqst_

    26 Mar 2026

    4210 Impressions

    14 Retweets

    83 Likes

    35 Bookmarks

    0 Replies

    0 Quotes

  2. ✒️ Banning Blacklists: Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120) Blog: https://t.co/J5L0yUPyLs author: @SinSinology & @chudyPB https://t.co/RQpuNGOAur

    @mqst_

    11 Sept 2025

    1845 Impressions

    9 Retweets

    21 Likes

    13 Bookmarks

    0 Replies

    0 Quotes

  3. 🔒 Veeam Backup just got a reality check! A critical flaw (CVE-2025-23120) lets sneaky users run wild on your servers. Update to 12.3.1 pronto, or it might be a backup disaster! #Veeam #Cybersecurity #Oops https://t.co/wal2MlDjD6

    @windowsforum

    18 Jun 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    15 Apr 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. One of these things is not like the other- all cover the 2 Rockwell products with Veeam impacted by CVE-2025-23120 UK NHS Digital says PoC available, Cyble says PoC available https://t.co/Cg7SjORzCz https://t.co/ZbWoKdQ8tK https://t.co/gztWRoxXT0 https://t.co/tCoIttwTY7

    @cyber_megan

    11 Apr 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  6. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    8 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. #CVE #Exploit #redteam CVE ID: CVE-2025-23120 System: Veeam Backup & Replication Type: RCE Exploit: Veeam Backup & Replication 12.3.0.310 & All earlier version 12 builds. More Info: https://t.co/1jATzgant2 Poc: https://t.co/KnZda9yhvV

    @ksg93rd

    5 Apr 2025

    1667 Impressions

    6 Retweets

    27 Likes

    17 Bookmarks

    0 Replies

    0 Quotes

  8. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    30 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Our crew members @mwulftange & @frycos discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam's blacklist for CVE-2024-40711 & CVE-2025-23120 as well as further entry points following @SinSinology & @chudyPB's blog. Don’t blacklist, replace

    @codewhitesec

    28 Mar 2025

    4737 Impressions

    20 Retweets

    69 Likes

    12 Bookmarks

    0 Replies

    2 Quotes

  10. Veeam Backup & Replication の脆弱性 CVE-2025-23120 (CVSS 9.9) が FIX:RCE の恐れ https://t.co/czzXN0hPhG VBR の深刻な RCE 脆弱性が FIXしました。同製品の脆弱性は、実際に悪用されるケースが多く見られます。ご利用のチームは、迅速なアップデートを、ご検討下さい。よ #CVE202523120 #VBR

    @iototsecnews

    28 Mar 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    28 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    27 Mar 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  13. 🚨 A critical vulnerability exists in Veeam Backup & Replication software (CVE-2025-23120). Please see the @ncsc_gov_ie advisory for more info: https://t.co/izXHa9KHVh

    @ncsc_gov_ie

    26 Mar 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Faille critique chez Veeam ! Une vulnérabilité (CVE-2025-23120) dans Backup & Réplication (v12.3 & avant) permet des attaques à distance. Réparée le 23/03/25 Si votre serveur est sur un domaine, danger ! Mettez à jour..., les ransomware adorent ça. #Cybersecurite #VeeamPa

    @ECSI_MA

    24 Mar 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. 🚨 Ejecución remota de código en Veeam Importancia 5 - Crítica Veeam Backup & Replication 12.3.0.310 y todas las compilaciones anteriores a la versión CVE-2025-23120 https://t.co/vvW1fme6g1 https://t.co/O3ar3H0JD0

    @elhackernet

    24 Mar 2025

    4618 Impressions

    20 Retweets

    52 Likes

    17 Bookmarks

    0 Replies

    0 Quotes

  16. VeeamのVeeam Backup & Replication でリモートコード実行が可能な脆弱性(CVE-2025-23120)が発生しました。パッチはリリースされているので早急な適用をお勧めします。 #セキュリティ対策Lab #セキュリティ #Security https://t.co/3Cxk4ysciC

    @securityLab_jp

    24 Mar 2025

    24 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 🚨 Critical patch alert! CVE-2025-23120 in Veeam Backup & Replication allows domain users to execute arbitrary code. High impact, medium probability. Update now to secure your systems! #CVE-2025-23120 #Cybersecurity https://t.co/hx5y5pX8ly

    @RedTeamNewsBlog

    24 Mar 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) - Help Net Security https://t.co/cAYbV7WZCR

    @PVynckier

    23 Mar 2025

    106 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    23 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  20. Two major vendors just patched remote code execution flaws—update NOW before attackers exploit them. 🔴 Veeam Backup (CVE-2025-23120, 9.9/10) ➡️ Affects v12.3.0.310 & earlier ➡️ Allows RCE by authenticated users ➡️ Fixed in v12.3.1 (12.3.1.1139) 🔴 IBM AIX (CVE-2024-56346 &

    @achi_tech

    22 Mar 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. آسیب پذیری جدیدی با کد شناسایی CVE-2025-23120 برای محصول Veeam Backup منتشر شده است. نسخه های 12, 12.1, 12.2, 12.3 دارای این آسیب پذیری هستند. برای پیشگیری و مقابله با این تهدید به نسخه 12.3.1 به روز رسانی نمایید. https://t.co/Poz3aKY03t https://t.co/LxuM9PrRTB

    @AmirHossein_sec

    22 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 【Veeam製バックアップソフトに重大な脆弱性、至急アップデートを推奨】 Veeamのバックアップ製品に深刻なリモートコード実行(RCE)脆弱性(CVE-2025-23120)が発見されました。攻撃者による遠隔操作が可能なため、最新版への即時更新が推奨されています。 https://t.co/JsqJENT8Zf

    @StudySEC_Site

    22 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    22 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 🚨 Urgent Update: Veeam and IBM have released patches for critical vulnerabilities in their software. Veeam’s flaw (CVE-2025-23120) allows remote code execution, with a CVSS score of 9.9, affecting versions 12.3.0.310 and earlier.

    @fynn_JourX

    22 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  25. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  26. Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. https://t.co/0acQkeqcaW https:/

    @riskigy

    21 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Veeam patched the critical CVE-2025-23120 vulnerability in Backup & Replication affecting domain-joined installations. Disclosed recently, it enabled remote code execution. Fixed in version 12.3.1, it allows exploitation by any domain user on impacted setups. #Security https:

    @Strivehawk

    21 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 📰 Latest News: Veeam fixed critical Backup & Replication flaw CVE-2025-23120 More on: https://t.co/kkULnIkU5q https://t.co/qmaTol5zBU

    @StudiosClancy

    21 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. #Threat_Research 1. Legacy Driver Exploitation Through Bypassing Certificate Verification https://t.co/iFmmZ8D37f 2. Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120) https://t.co/9IZpUK4K4P 3. BMC&C Vulnerabilities https://t.co/5c8ER57kXh

    @ksg93rd

    21 Mar 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. Critical Veeam RCE Vulnerability CVE-2025-23120 (CVSS 9.9) allows attackers to execute code remotely in Veeam Backup & Replication. Ransomware gangs often target Veeam — update to version 12.3.1 now to stay protected! https://t.co/4QEzKW1Tr8 #CyberSecurity #RCE #Vulnerabi

    @dCypherIO

    21 Mar 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. We constantly stress the need for immutable or offline backups. Backups are targeted by ransomware groups to limit the ability to restore after an attack. CVE-2025-23120 is an RCE for domain joined #Veeam servers, exploitable by any domain user. https://t.co/Fv4GIh7lgc

    @ct_is

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. We constantly stress the need for immutable or offline backups. Backups are targeted by ransomware groups to limit the ability to restore after an attack. #CVE-2025-23120 is an RCE for domain joined #Veeam servers, exploitable by any domain user. https://t.co/Fv4GIh7lgc

    @ct_is

    21 Mar 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. VeeamのRCEバグによりドメインユーザーがバックアップサーバーをハック可能に、今すぐパッチを適用してください(CVE-2025-23120) https://t.co/9d7xiDJoTI #Security #セキュリティ #ニュース

    @SecureShield_

    21 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. Actively exploited CVE : CVE-2025-23120

    @transilienceai

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  35. 🚨 Attention IT professionals! A critical RCE vulnerability (CVE-2025-23120) has been found in Veeam's Backup & Replication software, putting domain-joined installations at risk.

    @fynn_JourX

    21 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  36. 🚨 CVE-2025-23120 in #Veeam (CVSS 9.9) lets any domain user run remote code via insecure deserialization. Affects v12.3.0.310 & earlier. Patch to 12.3.1.1139 now! 🛡 Detect threats fast with SOCRadar’s #VulnerabilityIntelligence https://t.co/sFIGTnRgip

    @socradar

    21 Mar 2025

    92 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  37. 🚨 Veeam fixes critical RCE flaw (CVE-2025-23120, CVSS 9.9) in Backup & Replication software. Affects v12.3.0.310 & earlier. Patch now! 🛠️ IBM also releases security updates. 🔗 More details: https://t.co/sWQvmnQOlI #CyberSecurity #InfoSec https://t.co/sWQvmnQOlI

    @SalvadorCloud

    21 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. 🔒 CVE-2025-23120 (CVSS 9.9): Critical RCE in Veeam Backup 🖥️ Affects v12.3.0.310 & earlier. Patch to v12.3.1🚨. #Cybersecurity #Veeam #Cve Read more: https://t.co/GpRX2ZqB6r https://t.co/HIl2z3IJjY

    @threatsbank

    21 Mar 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. 🚨 CVE Alert: Critical Veeam Backup & Replication remote code execution (RCE) Vulnerability 🚨 Vulnerability Details: CVE-2025-23120 (CVSS 9.9/10) Veeam Backup & Replication remote code execution (RCE) Vulnerability Impact: A successful exploit malware allow remote co

    @CyberxtronTech

    21 Mar 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🚨 CVE Alert: Critical Veeam Backup & Replication remote code execution (RCE) Vulnerability 🚨 Vulnerability Details: CVE-2025-23120 (CVSS 9.9/10) Veeam Backup & Replication remote code execution (RCE) Vulnerability Impact: A successful exploit malware allow remote co

    @CyberxtronTech

    21 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. Critical RCE vulnerability (CVE-2025-23120) in Veeam Backup & Replication allows domain users to exploit backup servers. Patch now to secure your systems! 🛡️ #Veeam #DataProtection #USA link: https://t.co/bqibUvdsOi https://t.co/b07eeJMUlF

    @TweetThreatNews

    21 Mar 2025

    24 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 CVE-2025-23120 ⚠️🔴 CRITICAL (9.9) 🏢 Veeam - Backup and Recovery 🏗️ 12.3 🔗 https://t.co/ydTuITplJK #CyberCron #VulnAlert #InfoSec https://t.co/ozA1vuNSbr

    @cybercronai

    21 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. 系统备份软件Veeam Backup出现高危安全漏洞 攻击者可以轻松破坏服务器 Veeam Backup & Replication 存在高危反序列化漏洞(CVE-2025-23120),影响 12.x 旧版本。攻击者可借此访问备份服务器窃取或破坏数据,甚至实施勒索。建议立即升级至 12.3.1.1139 版本修复漏洞。 https://t.co/lHGm4K2O9b

    @buaqbot

    21 Mar 2025

    23 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  44. 📌 قامت Veeam بتصحيح ثغرة حرجة في برنامج Backup & Replication تُعرف باسم CVE-2025-23120، والتي تسمح لمستخدمي النطاق بتهديد خوادم النسخ الاحتياطي. من المهم تحديث البرنامج على الفور لحماية الأنظمة المتأثرة. https://t.co/1y4ZxYlQk5

    @Cybercachear

    20 Mar 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. https://t.co/3RF32Ujdg0

    @BleepinComputer

    20 Mar 2025

    11395 Impressions

    50 Retweets

    119 Likes

    26 Bookmarks

    1 Reply

    1 Quote

  46. 🚨 Dos grandes proveedores acaban de parchear vulnerabilidades críticas de ejecución remota de código (RCE). 🔴 Veeam Backup (CVE-2025-23120, 9.9/10) ➡️ Afecta a v12.3.0.310 y versiones anteriores ➡️ Permite RCE a usuarios autenticados ➡️ Solucionado en v12.3.1… https://t.

    @Cyph3R_CyberSec

    20 Mar 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Veeam fixed critical Backup & Replication flaw CVE-2025-23120 https://t.co/xeHCfGgNeb

    @hackplayers

    20 Mar 2025

    600 Impressions

    3 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 🚨 Veeam has released a critical patch for Backup & Replication, addressing a high-risk RCE vulnerability (CVE-2025-23120). Upgrade to version 12.3.1 to secure systems! 🛡️ #Veeam #RemoteCodeExecution #USA link: https://t.co/gtVmKs4ZU3 https://t.co/LvrugKnTSS

    @TweetThreatNews

    20 Mar 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. 【また君か】Veeam Backup & Replicationに重大(Critical)な脆弱性。CVE-2025-23120はCVSSスコア9.9で、認証済みドメインユーザー権限での遠隔コード実行が可能。 https://t.co/kgU9Hr6H8g パッチは特定のガジェットをブロックリストに追加するもので、デシリアライゼーションガジェットが

    @__kokumoto

    20 Mar 2025

    1982 Impressions

    4 Retweets

    27 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  50. CVE-2025-23120 impacts Veeam Backup #VeeamBackup #CVE-2025-23120 https://t.co/nGsdGD6Zkd

    @pravin_karthik

    20 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.CVE-2025-59468
  2. This vulnerability allows a Backup or Tape Operator to write files as root.CVE-2025-59469
  3. This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.CVE-2025-59470
  4. This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file.CVE-2025-55125
  5. A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.CVE-2025-48984

References

Sources include official advisories and independent security research.