Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Veeam Software
Alerts

Critical Vulnerability in Veeam Software

24 March 2025

Veeam has released updates addressing a critical vulnerability (CVE-2025-23120) in Veeam Backup & Replication software that affects domain-joined installations.

Veeam has released updates addressing a critical vulnerability (CVE-2025-23120) in Veeam Backup & Replication software that affects domain-joined installations. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.9 out of 10.

Successful exploitation of the deserialisation vulnerability could allow an unauthenticated attacker to execute remote code.

The vulnerability affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds.

Users and administrators of the affected products are advised to update to the latest versions immediately.

More information is available here:
https://www.veeam.com/kb4724
https://nvd.nist.gov/vuln/detail/CVE-2025-23120

Back to top