Veeam Backup & Replication just got hit with a critical vulnerability—CVE-2025-23120—that allows authenticated domain users to execute arbitrary code remotely on the backup server. This is a perfect storm for attackers, especially since backups are the last line of defense in any IT infrastructure.
The vulnerability is found in Veeam Backup & Replication versions 12.3.0.310 and earlier, with a CVSS score of 9.9, making it highly critical. The exploit targets domain-joined servers specifically, so standalone or workgroup backups are safe… for now.
Why does this matter? Imagine an attacker with domain access able to run their own code on the backup system. The impact could range from data breaches to total server compromise. And with the patch just released in Veeam Backup & Replication 12.3.1, it's clear that users need to upgrade their systems now. If you're running an older version, your backup infrastructure is sitting on a ticking time bomb.
Veeam's response to the issue? They've patched it in version 12.3.1, so all users should update ASAP. And while the vulnerability was discovered by Piotr Bazydlo from watchTowr, you can bet the bad guys are already reverse-engineering the patch to exploit any unpatched systems. So don't wait. Stay ahead of the curve.
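To turn the version and domain-join conditions above into a patch queue, here is a small triage sketch. It is an added example, not code from Veeam's advisory. The inventory CSV, its column names and the hostnames are constructed; collecting build strings and domain membership is left to your own tooling.

```python
import csv
import io

# Last affected build, as stated on this page.
LAST_AFFECTED = (12, 3, 0, 310)

# Patch-queue order: domain-joined affected servers first.
PRIORITY = ["exposed", "unknown-build", "upgrade-not-domain-joined", "patched"]

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = (
    "host,build,domain_joined\n"
    "vbr-01,12.3.0.310,yes\n"
    "vbr-02,12.3.1,yes\n"
    "vbr-03,11.0.1.1261,no\n"
    "vbr-04,12.3.x,yes\n"
)

def parse_build(text):
    """Turn '12.3.0.310' into (12, 3, 0, 310); pad short forms like '12.3.1'."""
    parts = [int(p) for p in text.strip().split(".")]
    if len(parts) > 4 or any(p < 0 for p in parts):
        raise ValueError(f"unrecognised build string: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))

def triage(build, domain_joined):
    """Classify one backup server by build string and domain membership."""
    try:
        affected = parse_build(build) <= LAST_AFFECTED
    except ValueError:
        # Do not assume an unparseable build is safe; send it for manual review.
        return "unknown-build"
    if not affected:
        return "patched"
    # Affected build: domain-joined servers are the ones this CVE reaches.
    return "exposed" if domain_joined else "upgrade-not-domain-joined"

def triage_inventory(csv_text):
    """Return (host, status) pairs sorted so the most urgent come first."""
    rows = csv.DictReader(io.StringIO(csv_text))
    results = [
        (r["host"], triage(r["build"], r["domain_joined"].strip().lower() == "yes"))
        for r in rows
    ]
    return sorted(results, key=lambda item: PRIORITY.index(item[1]))

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE):
        print(f"{host}: {status}")
```

Servers on an affected build that are not domain-joined still land in the upgrade queue, just behind the domain-joined ones.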
For more details, check out Veeam's full security advisory and patch notes: [veeam.com](https://www.veeam.com/kb4724) and [strobes.co](https://strobes.co/blog/top-cves-vulnerabilities-of-march-2025/).