Veeam Product Security Update Advisory (CVE-2025-23114)

Feb 10 2025

Overview

We have released a security update to fix vulnerabilities in Veeam products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-23114

Veeam Backup for Salesforce Version: 3.1 (included)
Veeam Backup for AWS Versions: 6a, 7
Veeam Backup for Nutaniz AHV Versions: 5.0, 5.1
Veeam Backup for Microsoft Azure versions: 5a, 6
Veeam Backup for Google Cloud versions: 4, 5
Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization versions: 3, 4.0, 4.1

Resolved Vulnerabilities

Failure to properly validate TLS certificates, which could allow arbitrary code execution on the server (CVE-2025-23114)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-23114

Veeam Backup for Salesforce: Veeam Updater component version 7.9.0.1124
Veeam Backup for AWS: Veeam Updater component version 9.0.0.1126
Veeam Backup for Nutaniz AHV: Veeam Updater component version 9.0.0.1125
Veeam Backup for Microsoft Azure: Veeam Updater component version 9.0.0.1128
Veeam Backup for Google Cloud: Veeam Updater component version 9.0.0.1128
Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization: Veeam Updater component version 9.0.0.1127

References

[1] cve-2025-23114
https://www.veeam.com/kb4712

Veeam Product Security Update Advisory (CVE-2025-23114)

Advantive Product Security Update Advisory (CVE-2024-57968)

Trimble Product Security Update Advisory (CVE-2025-0994)

Tags:

Advantive Product Security Update Advisory (CVE-2024-57968)

Trimble Product Security Update Advisory (CVE-2025-0994)