CVE-2025-24286 HIGH

CVE-2025-24286

Vendor Veeam
Product Backup and Recovery
Published June 18, 2025
Last update June 23, 2025

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.

Key dates

02Disclosure timeline

June 18, 2025 CVE published
June 23, 2025 Record updated