Vendor: Veeam
Product: Veeam Backup & Replication / Veeam Agent for Microsoft Windows
CVE IDs: CVE-2025-48982, CVE-2025-48983, CVE-2025-48984

Severity:

• CVE-2025-48983: CVSS v3: 9.9 — Remote Code Execution (RCE) via the Mount service
• CVE-2025-48984: CVSS v3: 9.9 — Remote Code Execution (RCE) via the backup server
• CVE-2025-48982: CVSS v3: 7.3 — Local privilege escalation during restoration of malicious files

Description:
Two Critical vulnerabilities have been discovered in Veeam Backup & Replication v12 and one High in Veeam Agent for Microsoft Windows:

• CVE-2025-48983: A flaw in the Mount service allows remote arbitrary code execution on backup hosts by an authenticated domain user.
• CVE-2025-48984: A similar vulnerability enables remote code execution on the Veeam Backup server.
• CVE-2025-48982: Local privilege escalation is possible when an administrator restores a malicious file using Veeam Agent for Windows.

These vulnerabilities affect only domain-joined servers; Veeam appliances and the upcoming version 13 are not impacted from an architectural standpoint.

Affected Versions:

• Veeam Backup & Replication: Versions ≤ 12.3.2.3617 and all versions ≤ 12
• Veeam Agent for Windows: Versions ≤ 6.3.2.1205 and all versions < 6

Fix:

• Veeam Backup & Replication: Update to version 12.3.2.4165 or later
• Veeam Agent for Windows: Update to version 6.3.2.1302 or later

Official Link: https://www.veeam.com/kb4771