CVE-2025-24286

Summary

A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
VeeamBackup and Recovery12.3 <= 12.3affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References