Veeam Backup & Replication is a backup platform for virtual environments built on VMware vSphere and Microsoft Hyper-V hypervisors. The software provides backup, restoration, and replication functionality for virtual machines, physical servers, and workstations, as well as cloud-based workloads.

Veeam Backup & Replication

A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication bypass. Attackers must be able to perform Man-in-the-Middle (MITM) attack to exploit this vulnerability.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-48983	CRITICAL	9.9	Veeam Backup & Replication	cpe:2.3:a:veeam:backup_and_replication	No	Yes	Oct 31, 2025
CVE-2025-48984	HIGH	8.8	Veeam Backup & Replication	cpe:2.3:a:veeam:veeam_backup_\&_replication	No	Yes	Oct 31, 2025
CVE-2025-23121	HIGH	8.8	Veeam Backup & Replication	cpe:2.3:a:veeam:backup_and_replication	No	Yes	Jun 19, 2025
CVE-2025-48982	HIGH	7.8	Veeam Backup & Replication	cpe:2.3:a:veeam:backup_and_replication	No	Yes	Oct 31, 2025
CVE-2025-24286	MEDIUM	4.9	Veeam Backup & Replication	cpe:2.3:a:veeam:veeam_backup_\&_replication	No	Yes	Jun 19, 2025

CVE-2024-40715:
Veeam Backup & Replication vulnerability analysis and mitigation

7.7

Related Veeam Backup & Replication vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2024-40715: Veeam Backup & Replication vulnerability analysis and mitigation