Main Vulnerability Database Vulnerabilities #VU116987

#VU116987 Permissions, Privileges, and Access Controls in Backup & Replication - CVE-2025-48984

Published: October 14, 2025

Vulnerability identifier: #VU116987

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-48984

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Backup & Replication

Software vendor:
Veeam

Description

The vulnerability allows a remote user to execute arbitrary code on the system.

The vulnerability exists due to an unspecified error. An authenticated domain user can execute arbitrary code on the Backup Server.

Install updates from vendor's website.