Initiatives pour
En tant qu'autorité nationale en matière de cybersécurité, le CCB a développé plusieurs initiatives destinées à des publics spécifiques, qui sont présentées ici.
Warning: Remote Code Execution Vulnerability in Veeam Backup & Replication, Patch Immediately!
Image
Publié : 17/06/2025
* Last update: 17/06/2025
* Affected software::
→ Veeam Backup & Replication versions 12, 12.1, 12.2, 12.3, 12.3.1
→ Veeam Agent for Microsoft Windows versions 6.0, 6.1, 6.2, 6.3, 6.3.1* Type: Remote Code Execution (RCE)
* CVE/CVSS
→ CVE-2025-23121: CVSS 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
Sources
Risks
Veeam published an update fixing multiple vulnerabilities. Most notably, CVE-2025-23121, a Remote Code Execution vulnerability affecting the backup server and requiring low privileges for successful exploitation.
Vulnerabilities in backup & replication software is often a target for ransomware groups due to the severe impact it can have to a company’s ability to recover after a ransomware attack. It is advised to patch as soon as possible.
Description
CVE-2025-23121
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Veeam reports that this vulnerability only impacts domain-joined backup servers.
CVE-2025-24286
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
Recommended Actions
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via:< https://ccb.belgium.be/cert/report-incident>.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.