Home

Description

This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file.

PUBLISHED Reserved 2025-08-07 | Published 2026-01-08 | Updated 2026-01-08 | Assigner hackerone




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Product status

Default status
unaffected

13.0.0 (semver)
affected

References

www.veeam.com/kb4792

cve.org (CVE-2025-55125)

nvd.nist.gov (CVE-2025-55125)

Download JSON