Remote Code Execution Vulnerability in Veeam Backup & Replication
CVE-2025-48983

10CRITICAL

Key Information:

Vendor: Veeam
Status: Backup And Replication
Vendor: CVE Published:; 30 October 2025

Badges

📰 News Worthy

What is CVE-2025-48983?

A vulnerability exists in the Mount service of Veeam Backup & Replication that allows an authenticated domain user to exploit the system, leading to potential remote code execution on the backup infrastructure hosts. This vulnerability underscores the significance of maintaining robust security measures and timely software updates to protect against unauthorized access and potential threats.

Affected Version(s)

Backup and Replication 12.3.2

News Articles

Cyber Press

CVE-2025-48983

Critical Veeam Backup Flaws Allow Remote Code Execution

Veeam has released Patch 12.3.2.4165 for Backup & Replication, resolving three significant security flaws that could expose organizations.

GBHackers News

CVE-2025-48983 CVE-2025-48984

Critical Veeam Backup RCE Flaws Allow Remote Execution of Malicious Code

Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12.

References

https://www.veeam.com/kb4771

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2025
📰
First article discovered by GBHackers News
Oct 15, 2025
Vulnerability Reserved
May 29, 2025

JSON