Critical Veeam Backup Vulnerabilities Allow Root RCE

Veeam Backup Vulnerabilities impacting Veeam Backup & Replication v13. Exploiting these flaws could grant attackers root-level access and enable arbitrary code execution on affected backup systems.

The Vulnerabilities Allow Root by creating a malicious backup configuration file, carrying a CVSS v3.1 score of 7.2 (High severity).

A second Critical Veeam Backup config CVE-2025-59468 Medium 6.7 RCE as PostgreSQL user via password parameter CVE-2025-59469 High 7.2 Arbitrary file write as root CVE-2025-59470 Critical* 9.0 RCE as PostgreSQL user via interval/order parameter

At the same time, CVE-2025-59468 allows backup administrators to achieve RCE as the PostgreSQL user through malicious password parameters.

All four vulnerabilities affect VBR 13.0.1.180 and earlier versions of 13 builds. Earlier versions (12.x and older) remain unaffected.

The vulnerabilities are particularly concerning because they target privileged operator roles commonly used to manage enterprise backup systems.

Once disclosed, attackers typically reverse-engineer patches to exploit unpatched deployments, making rapid updates essential.

Organizations running affected versions of Veeam Backup & Replication must upgrade immediately to build 13.0.1.1071 or later.

Veeam recommends following its Security Guidelines to restrict operator role assignments to trusted personnel only.

The company emphasizes that network segmentation and strong authentication policies should complement patch deployment.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.