Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.10 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

9CVSS7.7AI score0.00588EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-3128

Malicious code in bioql PyPI...

9CVSS9.3AI score0.00588EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/14 12:0 a.m.7 views

The vulnerability of the Veeam Updater, a component of backup and recovery tools such as Veeam Backup for Salesforce, Veeam Backup for Nutanix AHV, and Veeam Backup for AWS, allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the Veeam Updater, a component of backup and recovery tools such as Veeam Backup for Salesforce, Veeam Backup for Nutanix AHPV, and Veeam Backup for AWS, relates to access to a channel from a non-endpoint location. Exploiting this vulnerability allows a remote attacker to...

9CVSS8.2AI score0.00588EPSS
Exploits0References3Affected Software6
NCSC
NCSC
added 2025/02/13 9:48 a.m.5 views

Vulnerability fixed in Veeam

Veeam has fixed a vulnerability in the Veeam Updater component. The vulnerability is in how the Veeam Updater component validates TLS certificates. Insufficient validation can allow Man-in-the-Middle attackers to execute arbitrary code on affected servers. This can lead to unauthorized access and...

9CVSS7.6AI score0.00588EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/02/05 12:16 p.m.29 views

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114 , carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam...

9CVSS7.5AI score0.00588EPSS
Exploits0
NVD
NVD
added 2025/02/05 2:15 a.m.18 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

9CVSS0.00588EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 1:45 a.m.7 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

9CVSS9.3AI score0.00588EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 1:45 a.m.160 views

CVE-2025-23114

The CVE-2025-23114 entry maps to a vulnerability in the Veeam Updater component of Veeam Backup products, caused by improper TLS certificate validation. According to multiple sources, this design flaw allows Man-in-the-Middle attackers to execute arbitrary code on the affected server, with high-i...

9CVSS7.7AI score0.00588EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 1:45 a.m.20 views

CVE-2025-23114

A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate...

9CVSS0.00588EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/05 12:0 a.m.5 views

Veeam Updater component 安全漏洞

Veeam Updater component is an update component from Veeam USA. A security vulnerability exists in the Veeam Updater component that stems from improper TLS certificate validation and allows a man-in-the-middle attacker to execute arbitrary code on the affected server...

9CVSS9.4AI score0.00588EPSS
Exploits0References1
Rows per page
Query Builder