CVE-2025-48983

Critical CVSS: 9.9

A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.

Vendor

Veeam

Product

Veeam Backup \& Replication

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-10-31 00:15:36

Güncelleme

2025-12-01 21:15:50

Source Identifier

support@hackerone.com

KEV Date Added

Kategoriler

NVD-CWE-noinfo Veeam Backup \& Replication CRITICAL Veeam 2025

Referanslar

https://www.veeam.com/kb4771

Benzer Kayıtlar

Critical

CVE-2026-21666

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

Critical

CVE-2026-21667

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

High

CVE-2026-21668

A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup…

Critical

CVE-2026-21669

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

High

CVE-2026-21670

A vulnerability allowing a low-privileged user to extract saved SSH credentials.

Critical

CVE-2026-21671

A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE)…