{"id":37061,"date":"2025-02-07T00:50:58","date_gmt":"2025-02-06T23:50:58","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37061"},"modified":"2025-02-07T00:51:04","modified_gmt":"2025-02-06T23:51:04","slug":"critical-vulnerability-cve-2025-23114-in-veeam-updater","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/02\/07\/critical-vulnerability-cve-2025-23114-in-veeam-updater\/","title":{"rendered":"Critical vulnerability CVE-2025-23114 in Veeam Updater"},"content":{"rendered":"

\"Sicherheit[German<\/a>]A critical vulnerability CVE-2025-23114 has been reported in the Veeam Updater. This vulnerability could be used to carry out man in the middle attacks. This affects various products from the provider. Veeam has published corresponding security updates to close the vulnerability.<\/p>\n

<\/p>\n

Critical vulnerability CVE-2025-23114<\/h2>\n

I became aware of the vulnerability in question, CVE-2025-23114, which has been classified as critical with a CVSS score of 9.0, via the following tweets.<\/p>\n

\"Veeam\"<\/p>\n

Veeam has published this security advisory (KB4712)<\/a> with vulnerability information as of February 4, 2025. Veeam has confirmed a Man in the Middle vulnerability in its Veeam Updater that affects the following products:<\/p>\n

Veeam Backup\u00a0for Salesforce 3.1 and older<\/i>
\nVeeam Backup\u00a0for Nutanix AHV5.0 or 5.1 <\/i>
\nVeeam Backup\u00a0for AWS 6a or 7<\/i>
\nVeeam Backup\u00a0for Microsoft Azure 5a or 6<\/i>
\nVeeam Backup\u00a0for Google Cloud 4 or 5<\/i>
\nVeeam Backup\u00a0for Oracle Linux Virtualization Manager and Red Hat Virtualization 3, 4.0 or 4.1<\/i><\/p>\n

Affected versions should be updated as soon as possible. The following steps can be used to check whether you are affected:<\/p>\n