Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution.
These vulnerabilities, which include CVE-2025-23120, exploit weaknesses in deserialization mechanisms, potentially allowing any domain user to gain SYSTEM access to Veeam backup servers.
This is particularly concerning for organizations that have integrated their Veeam servers into their Active Directory domains.
https://gbhackers.com/veeam-rce-vulnerability/