Main Vulnerability Database Vulnerabilities #VU116986

#VU116986 Permissions, Privileges, and Access Controls in Backup & Replication - CVE-2025-48983

Published: October 14, 2025

Vulnerability identifier: #VU116986

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-48983

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Backup & Replication

Software vendor:
Veeam

Description

The vulnerability allows a remote user to execute arbitrary code on the system.

The vulnerability exists due to an unspecified error in the Mount service. An authenticated domain user can execute arbitrary code on the Backup infrastructure hosts.

Remediation

Install updates from vendor's website.

External links

https://www.veeam.com/kb4771

#VU116986 Permissions, Privileges, and Access Controls in Backup & Replication - CVE-2025-48983

Description

Remediation

External links

Please verify you're human