Heads up! There is a critical Veeam Backup & Replication vulnerability that you need to be aware of and patch as soon as possible. It is tracked as CVE-2025-23120 and allows unauthenticated domain users to execute code remotely.
What versions are affected?
This affects Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds.
Don't join your Veeam Servers to the domain
It is definitely not a good practice in 2025 to be joining your Veeam Backup & Replication servers to the domain. Why? Domain credentials are among the most widely used, and most frequently stolen, credentials out there: they are routinely captured through phishing emails or other attacks. By taking your Veeam servers off the domain, you reduce the chance that compromised domain credentials can be used to compromise your Veeam environment, which matters most during a ransomware attack.
This vulnerability is as bad as it gets. From the looks of it, the attacker does not need to be a domain admin; an ordinary domain user account is enough to launch the attack. In other words, compromised credentials belonging to any domain user are enough to attack your Veeam environment.
Take a look at the official guidance from Veeam on security best practices for Veeam environments: Security & Compliance Analyzer - User Guide for VMware vSphere.
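A quick check an administrator could run on a Veeam server, as an added example that is not from the original post or from Veeam. It assumes the default install location of the Veeam backup service binary (adjust the -VeeamServiceExe parameter if your install differs) and takes the affected build threshold (12.3.0.310, version 12 builds only) from the post; it reports whether the installed build falls in the affected range and whether the machine is domain-joined, the two conditions the post is concerned with.

```powershell
# Added example, not from the original post or from Veeam.
# Reports whether this Veeam Backup & Replication server is on an affected
# version 12 build (<= 12.3.0.310 per the post) and whether it is domain-joined.
param(
    # ASSUMPTION: default install path of the Veeam backup service binary.
    [string]$VeeamServiceExe = 'C:\Program Files\Veeam\Backup and Replication\Backup\Veeam.Backup.Service.exe',
    # Last affected build number, taken from the post.
    [version]$LastAffectedBuild = [version]'12.3.0.310'
)

function Get-VeeamBuildVersion {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) {
        throw "Veeam service binary not found at '$Path'. Set -VeeamServiceExe to your install location."
    }
    # Build the version from the numeric file-version parts so stray text in the
    # FileVersion string cannot break the [version] cast.
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    return [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
}

function Test-VeeamAffected {
    param([version]$Installed, [version]$LastAffected)
    # Only version 12 builds up to and including the last affected build are in scope.
    return ($Installed.Major -eq 12 -and $Installed -le $LastAffected)
}

function Get-DomainMembership {
    # Win32_ComputerSystem exposes domain-join status and the domain/workgroup name.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    [pscustomobject]@{
        PartOfDomain = [bool]$cs.PartOfDomain
        Domain       = $cs.Domain
    }
}

$installed  = Get-VeeamBuildVersion -Path $VeeamServiceExe
$affected   = Test-VeeamAffected -Installed $installed -LastAffected $LastAffectedBuild
$membership = Get-DomainMembership

$actions = @()
if ($affected) {
    $actions += 'Installed build is in the affected range for CVE-2025-23120: apply the fixed version from Veeam.'
}
if ($membership.PartOfDomain) {
    $actions += 'Server is domain-joined: compromised domain user credentials can reach it; consider removing it from the domain.'
}
if (-not $actions) {
    $actions += 'Build is outside the affected range and the server is not domain-joined.'
}

[pscustomobject]@{
    ComputerName   = $env:COMPUTERNAME
    VeeamBuild     = $installed.ToString()
    AffectedBuild  = $affected
    DomainJoined   = $membership.PartOfDomain
    Domain         = $membership.Domain
    Recommendation = ($actions -join ' ')
}
```

Run it in an elevated PowerShell session on the backup server; the version check reads the file version of the service binary, so it reflects the build actually installed rather than what an inventory tool recorded.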
Download the fixed version
You can download the fixed version here: