Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Cisco Catalyst Center Vulnerability Allows Remote Attackers to Read Arbitrary Files
July 2, 2026
Mapbox Flaw Lets Hackers Target Vulnerability Researchers with Python RAT
July 2, 2026
FCC Bans Chinese Telecom Equipment From Huawei, ZTE, Others Over Security Risks
July 2, 2026
Home/CyberSecurity News/Veeam Backup Vulnerabilities Enables Remote Code Execution as Root
CyberSecurity News

Veeam Backup Vulnerabilities Enables Remote Code Execution as Root

Veeam Backup Vulnerabilities impacting Veeam Backup & Replication v13. Exploiting these flaws could grant attackers root-level access and enable arbitrary code execution on affected backup...

David kimber
David kimber
January 7, 2026 One Min Read
87 0

Veeam Backup Vulnerabilities impacting Veeam Backup & Replication v13. Exploiting these flaws could grant attackers root-level access and enable arbitrary code execution on affected backup systems.

The Vulnerabilities Allow Root by creating a malicious backup configuration file, carrying a CVSS v3.1 score of 7.2 (High severity).

A second Critical Veeam Backup config CVE-2025-59468 Medium 6.7 RCE as PostgreSQL user via password parameter CVE-2025-59469 High 7.2 Arbitrary file write as root CVE-2025-59470 Critical* 9.0 RCE as PostgreSQL user via interval/order parameter

At the same time, CVE-2025-59468 allows backup administrators to achieve RCE as the PostgreSQL user through malicious password parameters.

All four vulnerabilities affect VBR 13.0.1.180 and earlier versions of 13 builds. Earlier versions (12.x and older) remain unaffected.

The vulnerabilities are particularly concerning because they target privileged operator roles commonly used to manage enterprise backup systems.

Once disclosed, attackers typically reverse-engineer patches to exploit unpatched deployments, making rapid updates essential.

Organizations running affected versions of Veeam Backup & Replication must upgrade immediately to build 13.0.1.1071 or later.

Veeam recommends following its Security Guidelines to restrict operator role assignments to trusted personnel only.

The company emphasizes that network segmentation and strong authentication policies should complement patch deployment.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

David kimber

David kimber

David is a penetration tester turned security journalist with expertise in mobile security, IoT vulnerabilities, and exploit development. As an OSCP-certified security professional, David brings hands-on technical experience to his reporting on vulnerabilities and security research. His articles often feature detailed technical analysis of exploits and provide actionable defense recommendations. David maintains an active presence in the security research community and has contributed to multiple open-source security tools.

Previous Post

D-Link Router Command Injection Vulnerability Actively Exploited in the Wild

Next Post

Chinese Hackers Actively Attacking Taiwan Critical Infrastructure

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
CISA Warns of Microsoft SharePoint Server Code Execution Vulnerability Exploited in Attacks
July 2, 2026
Chrome API Flaw Exposes Android Photos to Ransomware
July 2, 2026
WinRAR 7.23 Patches Critical Heap Overflow Vulnerability CVE-2024-XXXX
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us