Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-23121

CRITICAL
Published 2025-06-18T23:30:48.375Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-23121. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.0
9.9
/10
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.003
probability
of exploitation in the wild

There is a 0.3% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.513
Higher than 51.3% of all CVEs

Attack Vector Metrics

Attack Vector
Not Available
Attack Complexity
Not Available
Privileges Required
Not Available
User Interaction
Not Available
Scope
Not Available

Impact Metrics

Confidentiality
Not Available
Integrity
Not Available
Availability
Not Available

Description

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user

Available Exploits

No exploits available for this CVE.

Related News

Watch out, Veeam fixed a new critical bug in Backup & Replication product

Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Bโ€ฆ

Securityaffairs.com 2025-06-18 13:33
Read More
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out oโ€ฆ

Internet 2025-06-18 05:49
Read More

Affected Products

Veeam

Backup and Recovery

Affected Versions:

12.3.1

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user

Affected Products (ENISA)

veeam
backup and recovery

ENISA Scoring

CVSS Score (3.0)

9.9
/10
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

0.210
probability

ENISA References

https://www.veeam.com/kb4743

Data provided by ENISA EU Vulnerability Database. Last updated: June 18, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

โš  Unreviewed CRITICAL

GHSA-2wh3-fp99-rprg

Advisory Details

A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-23121
WEB https://www.veeam.com/kb4743

Advisory provided by GitHub Security Advisory Database. Published: June 19, 2025, Modified: June 19, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

3 posts
Reddit โ€ข 1ย month ago
MauriceTorres
Exploit PoC

๐“๐จ๐๐š๐ฒ'๐ฌ ๐๐š๐ญ๐œ๐ก ๐“๐ฎ๐ž๐ฌ๐๐š๐ฒ ๐จ๐ฏ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ โ€ข Microsoft has addressed ๐Ÿ๐Ÿ‘๐Ÿ• ๐ฏ๐ฎ๐ฅ๐ง๐ž๐ซ๐š๐›๐ข๐ฅ๐ข๐ญ๐ข๐ž๐ฌ, ๐ง๐จ ๐ณ๐ž๐ซ๐จ-๐๐š๐ฒ๐ฌ, ๐Ÿ๐Ÿ’ ๐œ๐ซ๐ข๐ญ๐ข๐œ๐š๐ฅ and ๐จ๐ง๐ž ๐ฐ๐ข๐ญ๐ก ๐๐จ๐‚ โ€ข Third-party: web browsers, Linux Sudo, Citrix NetScaler, Cisco, WordPress, WinRAR, Brother printers, GitHub, Teleport, Veeam, Grafana, Palo Alto Networks, and Trend Micro. Navigate to ๐•๐ฎ๐ฅ๐ง๐ž๐ซ๐š๐›๐ข๐ฅ๐ข๐ญ๐ฒ ๐ƒ๐ข๐ ๐ž๐ฌ๐ญ ๐Ÿ๐ซ๐จ๐ฆ ๐€๐œ๐ญ๐ข๐จ๐ง๐Ÿ for comprehensive summary โ€ฆ

Also mentions: CVE-2025-20309 CVE-2025-6554 CVE-2025-6463 CVE-2024-51978 CVE-2025-32463 CVE-2025-32462 CVE-2024-51977 CVE-2025-20282 CVE-2025-20281 CVE-2025-49212 CVE-2025-49825 CVE-2025-49220 CVE-2025-5777 CVE-2025-4232 CVE-2025-4231 CVE-2025-4230 CVE-2025-33053 CVE-2025-4123 CVE-2025-3509
11
11.0
View Original High Risk
Reddit โ€ข 1ย month, 3ย weeks ago
kmskrishna

CVE-2025-23121 Critical Veeam Vulnerability: Backup Servers at Risk from Authenticated RCE Flaw

1
1.0
View Original
Reddit โ€ข 1ย month, 3ย weeks ago
TheCyberSecurityHub

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

1
1.0
View Original

References

https://www.veeam.com/kb4743
Published: 2025-06-18T23:30:48.375Z
Last Modified: 2025-06-23T16:05:49.555Z
Copied to clipboard!