AI description
CVE-2025-48984 is a remote code execution (RCE) vulnerability affecting Veeam Backup & Replication v12. It allows an authenticated domain user to execute arbitrary code on the Backup Server. The vulnerability stems from improper handling of user-supplied data in server-side routines, potentially allowing unauthorized commands to be executed with backup server privileges. This vulnerability impacts only domain-joined Veeam Backup & Replication v12 backup infrastructure servers. The flaw was discovered by Sina Kheirkhah and Piotr Bazydlo of watchTowr. Veeam has released patch 12.3.2.4165 to address this vulnerability.
- Description
- A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
- Source
- support@hackerone.com
- NVD status
- Analyzed
- Products
- veeam_backup_\&_replication
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
- Hype score
- Not currently trending
CVE-2025-48984 A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. https://t.co/AMUY6gAUR4
@CVEnew
31 Oct 2025
347 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en productos Veeam ❗CVE-2025-48983 ❗CVE-2025-48984 ❗CVE-2025-48982 ➡️Más info: https://t.co/iJ4ewatRET https://t.co/ueJGm0gZKl
@CERTpy
20 Oct 2025
146 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Veeam Backup & Replicationに2つの高リスク脆弱性(CVE-2025-48983,CVE-2025-48984)|セキュリティニュースのセキュリティ対策Lab https://t.co/22byFPJij1
@Luke06121
18 Oct 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en productos Veeam ❗CVE-2025-48983 ❗CVE-2025-48984 ❗CVE-2025-48982 ➡️Más info: https://t.co/vUAnOm4ybD https://t.co/CoGqKyrGXG
@CERTpy
17 Oct 2025
115 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Veeam Backup & Replicationに2つの高リスク脆弱性(CVE-2025-48983,CVE-2025-48984) https://t.co/9McDh2uLIE #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
17 Oct 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-48983 & CVE-2025-48984 ( Both CVSS 9.9):Critical RCE Flaws Found in Veeam Backup & Replication 📊1.7K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/3xYBavXjHI 👇Query HUNTER : https://t.co/q9rtuGfZuz="Vee
@HunterMapping
16 Oct 2025
2110 Impressions
7 Retweets
32 Likes
14 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-48983 & CVE-2025-48984 (CVSS 9.9):Critical RCE Flaws Found in Veeam Backup & Replication 📊1.7K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/3xYBavXjHI 👇Query HUNTER : https://t.co/q9rtuGfZuz="Veeam Bac
@HunterMapping
16 Oct 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Upozorňujeme na zranitelnosti ve Veeam Backup & Replication, CVE-2025-48983 a CVE-2025-48984. CVE-2025-48983 - Vzdálené spuštění kódu v Mount Service: Zranitelnost umožňuje autentizovanému doménovému uživateli zneužít Mount Service ve Veeam Backup & Re
@GOVCERT_CZ
15 Oct 2025
34 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-48983 & CVE-2025-48984 (CVSS 9.9): Critical RCE Flaws Found in Veeam Backup & Replication 🎯1k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/wNNUU0Sro7 FOFA Query:app="Veeam-Backup-Ent-Manager" 🔖Refer
@fofabot
15 Oct 2025
1922 Impressions
7 Retweets
23 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨🚨Critical RCE Vulnerabilities in Veeam Backup & Replication CVE-2025-48983 (CVSS 9.9): Authenticated domain users can RCE backup infrastructure hosts. CVE-2025-48984 (CVSS 9.9): Authenticated domain users can RCE the Backup Server. ZoomEye Dork👉app="Veeam Backup En
@zoomeye_team
15 Oct 2025
36590 Impressions
60 Retweets
188 Likes
89 Bookmarks
3 Replies
6 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veeam:veeam_backup_\\&_replication:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABA6D012-0B73-4D37-B42E-1BAE5E4A4221",
"versionEndExcluding": "12.3.2.4165",
"versionStartIncluding": "12.0.0.1402"
}
],
"operator": "OR"
}
]
}
]