Veeam Backup Service High Severity Vulnerability

Veeam Backup & Replication High Severity Vulnerability – CVE-2023-27532

9th March 2023

Veeam Backup & Replication Vulnerability

Veeam released a security advisory on 7th March 2023 (updated 8th March) for a vulnerability affecting its Backup & Replication software. CVE-2023-27532 allows unauthenticated attackers to access backup infrastructure hosts after obtaining encrypted credentials stored in VeeamVBR. CVSS 3.1: 7.5 (High).

Within Veeam Backup & Replication there is an executable running on TCP port 9401 by default, which allows unauthenticated users to request encrypted credentials.

This vulnerability affects all versions of Veeam Backup & Replication. Veeam have released the following patches and workaround:

Patches

Version 11a (build 11.0.1.1261 P20230227)

Version 12 (build 12.0.0.1420 P20230223)

Workaround

If you are using an all-in-one Veeam appliance with no remote backup infrastructure components, you can block external connections to TCP port 9401 in the backup server firewall as a temporary remediation until the patch is installed.
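As an added example, not taken from the Veeam advisory or this bulletin, the following PowerShell applies that workaround on a Windows backup server using Windows Defender Firewall: it first shows what is listening on TCP 9401, creates the inbound block rule if it does not already exist, and then verifies the rule. The rule name and description are our own choice, and the script assumes it is run in an elevated session on the backup server itself.

```powershell
# Added example (not Veeam's code): temporary inbound block of TCP 9401 for an
# all-in-one backup server, as the advisory's workaround describes.
# Assumptions: Windows Defender Firewall, elevated session, rule name is ours.

$Port     = 9401
$RuleName = 'Block-Veeam-9401-CVE-2023-27532'   # our own rule name

# 1. Show what is currently listening on the port before changing anything.
$listener = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
if ($listener) {
    $ownerPid = $listener[0].OwningProcess
    $proc     = Get-Process -Id $ownerPid -ErrorAction SilentlyContinue
    Write-Host ("TCP {0} is listening, owned by PID {1} ({2})" -f $Port, $ownerPid, $proc.ProcessName)
} else {
    Write-Host "Nothing is currently listening on TCP $Port"
}

# 2. Create the inbound block rule once. This blocks every inbound connection to
#    the port, which is why the advisory limits the workaround to deployments
#    with no remote backup infrastructure components that need to reach it.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
                        -Direction Inbound -Protocol TCP -LocalPort $Port `
                        -Action Block -Profile Any `
                        -Description 'Temporary workaround for CVE-2023-27532; remove after patching' | Out-Null
    Write-Host "Created inbound block rule '$RuleName'"
} else {
    Write-Host "Rule '$RuleName' already exists"
}

# 3. Verify the rule is enabled, blocks, and carries the expected port filter.
$rule       = Get-NetFirewallRule -DisplayName $RuleName
$portFilter = $rule | Get-NetFirewallPortFilter
if ($rule.Enabled -eq 'True' -and $rule.Action -eq 'Block' -and $portFilter.LocalPort -eq "$Port") {
    Write-Host "Verified: inbound TCP $Port is blocked by '$RuleName'"
} else {
    Write-Warning "Rule '$RuleName' is present but not configured as expected; review it manually"
}

# After installing the patched build, remove the temporary rule with:
#   Remove-NetFirewallRule -DisplayName $RuleName
```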