Skip to main content

Veeam Backup & Replication 13 critical remote code execution (RCE) vulnerability

  • January 8, 2026
  • 6 comments
  • 209 views
vAdmin
Forum|alt.badge.img+2

As the leading backup software solution, Veeam is always targeted by the adversary globally and constantly.

High-severity:

  • CVE-2025-59470
  • CVE-2025-55125

Medium-severity

  • (CVE-2025-59468) 

Kudos to the VBR R&D Team for releasing the patch https://www.veeam.com/kb4738 

Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner, Certified Cybersecurity

    6 comments

    lukas.k
    Forum|alt.badge.img+13
    • lukas.k
    • Influencer
    • January 8, 2026

    Good thing: It for v13, so any v12 installations don’t have to be patched. :)

    LK | Enterprise Architect @ Veeam Software | Former Veeam Vanguard | Security Specialist
      vAdmin
      Forum|alt.badge.img+2
      • vAdmin
      • Author
      • Influencer
      • January 8, 2026

      Good thing: It for v13, so any v12 installations don’t have to be patched. :)

      Yes, and for Windows Server installations as well.

      Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner, Certified Cybersecurity
        waqasali
        Forum|alt.badge.img+4
        • waqasali
        • On the path to Greatness
        • January 8, 2026

        Current version is build 13.0.1.180. Do I need to do something?  

        Waqas Ali
          lukas.k
          Forum|alt.badge.img+13
          • lukas.k
          • Influencer
          • January 8, 2026

          Current version is build 13.0.1.180. Do I need to do something?  

          If you want to make sure to close the security vulnerabilities - yes. Most recent version (patch) is 13.0.1.1071

          LK | Enterprise Architect @ Veeam Software | Former Veeam Vanguard | Security Specialist
            vAdmin
            Forum|alt.badge.img+2
            • vAdmin
            • Author
            • Influencer
            • January 8, 2026

            Current version is build 13.0.1.180. Do I need to do something?  

            Yes, please, apply the patch from the KB article above.

            Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner, Certified Cybersecurity
            Chris.Childerhose
            Forum|alt.badge.img+21
            • Chris.Childerhose
            • Veeam Legend, Veeam Vanguard
            • January 8, 2026

            Applied this yesterday in my lab for testing.  Good thing next week when we start upgrading from 12 we will go to this release straight away. 😁

            Chris Childerhose (Enterprise Architect) - VMCA | VMCE | VMCE-SP | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 7* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
              Terms & ConditionsAccessibility statement