Overview

Veeam Software has released critical security updates to address three high-impact vulnerabilities affecting its backup products. Patch versions 12.3.2.4165 for Veeam Backup & Replication and 6.3.2.1302 for Veeam Agent for Microsoft Windows mitigate risks including remote code execution (RCE) and local privilege escalation (LPE). Two flaws, CVE-2025-48983 and CVE-2025-48984, could allow authenticated domain users to execute remote code on backup infrastructure. A third, CVE-2025-48982, enables local privilege escalation when a malicious file is restored.

These vulnerabilities pose significant risk, particularly to enterprise environments with domain-joined systems.

Affected Devices

  • Veeam Backup & Replication
    • Affected: Version 12.3.2.3617 and all earlier v12 builds
    • Notes: Only domain-joined servers are impacted.
    • Fixed In: Version 12.3.2.4165
  • Veeam Agent for Microsoft Windows
    • Affected: Version 6.3.2.1205 and earlier v6 builds
    • Fixed In: Version 6.3.2.1302


Recommended Remediations

ctrl:cyber strongly recommends the following actions:

  • Apply Patches Immediately:
    • Upgrade Veeam Backup & Replication to 12.3.2.4165.
    • Upgrade Veeam Agent for Microsoft Windows to 6.3.2.1302 or later.
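As an added example that is not part of the advisory, the Python below encodes the affected and fixed builds listed above so an installed build can be triaged against them. The hostnames and builds in SAMPLE_INVENTORY are constructed, and the domain_joined flag is assumed to come from the asset record.

```python
"""Triage Veeam builds against the affected/fixed versions in this advisory."""
from typing import Dict, List, Tuple

# Fixed build and covered major version, taken from the advisory text.
FIXED = {
    "Veeam Backup & Replication": ((12, 3, 2, 4165), 12),
    "Veeam Agent for Microsoft Windows": ((6, 3, 2, 1302), 6),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '12.3.2.4165' into (12, 3, 2, 4165); reject non-numeric input."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(product: str, installed: str, domain_joined: bool = True) -> str:
    """Return 'patched', 'vulnerable', 'not-affected' or 'unknown'."""
    fixed, major = FIXED[product]
    v = parse_version(installed)
    if v[0] != major:
        return "unknown"  # the advisory only covers this major version
    if v >= fixed:
        return "patched"  # fixed build or later
    if product == "Veeam Backup & Replication" and not domain_joined:
        return "not-affected"  # advisory: only domain-joined servers are impacted
    return "vulnerable"


# Constructed sample inventory (hypothetical hosts and builds), not from the advisory.
SAMPLE_INVENTORY: List[Tuple[str, str, str, bool]] = [
    ("vbr01", "Veeam Backup & Replication", "12.3.2.3617", True),
    ("vbr02", "Veeam Backup & Replication", "12.3.2.4165", True),
    ("vbr03", "Veeam Backup & Replication", "12.2.0.100", False),
    ("ws-07", "Veeam Agent for Microsoft Windows", "6.3.2.1205", True),
    ("ws-08", "Veeam Agent for Microsoft Windows", "6.3.2.1302", True),
]


def triage(inventory: List[Tuple[str, str, str, bool]]) -> Dict[str, str]:
    """Map each host to its patch status."""
    return {host: assess(prod, ver, dj) for host, prod, ver, dj in inventory}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```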
