CVE-2025-48983 | THREATINT

Description

A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.

PUBLISHED Reserved 2025-05-29 | Published 2025-10-30 | Updated 2025-11-01 | Assigner hackerone

CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Product status

Default status

unaffected

12.3.2 (semver)

affected

References

www.veeam.com/kb4771

cve.org (CVE-2025-48983)

nvd.nist.gov (CVE-2025-48983)

Download JSON