Security News > 2023 > March > Veeam fixes bug that lets hackers breach backup infrastructure
Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software.
The flaw was reported in mid-February by a security researcher known as Shanigen, and it affects all Veeam Backup & Replication versions.
According to Veeam's advisory, the root cause behind this flaw is the Veeam.
"If you are not the current manager of your Veeam environment, please forward this email to the proper person."
It's important to note that this workaround should only be used in non-distributed Veeam environments since it will also affect the mount servers' connections to the VBR server.
Veeam says its backup, disaster recovery, and data protection software is being used by over 450,000 customers worldwide, including 82% of Fortune 500 companies and 72% of the ones in the Global 2,000.
News URL
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Orange Group confirms breach after hacker leaks company documents (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Silk Typhoon hackers now target IT supply chains to breach networks (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)