CVE-2025-23114

Summary

CVE-2025-23114 is a newly disclosed vulnerability that poses a significant risk to servers using the Veeam Updater component. Malicious actors can exploit this issue by conducting Man-in-the-Middle attacks, enabling them to execute arbitrary code on the affected server. The root cause of this vulnerability is a failure on the part of Veeam Updater to adequately validate TLS certificates. Successful exploitation could lead to unauthorized access, data theft, and other malicious activities. It is recommended that users of Veeam Updater apply the available patch or update their configurations to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.