New Veeam vulnerabilities expose backup servers to RCE attacks
Summary: Veeam has released security updates fixing multiple vulnerabilities in its backup software, including a high-severity remote code execution (RCE) flaw (CVE-2025-59470) that can only be exploited by specific roles. The flaw lets a Backup or Tape Operator execute malicious code as the postgres user. The update also fixes one further high-severity and one medium-severity vulnerability. Veeam Backup & Replication is widely used for enterprise data protection, and it attracts attention because ransomware gangs routinely target it.

2026-1-7 13:15:16 Author: www.bleepingcomputer.com (view original)


Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability.

Tracked as CVE-2025-59470, this RCE security flaw affects Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds.

"This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter," Veeam explained in a Tuesday advisory.


However, Veeam rates the flaw as high rather than critical severity, because it can only be exploited by an attacker who already holds the Backup or Tape Operator role.

"The Backup and Tape Operator roles are considered highly privileged roles and should be protected as such. Following Veeam's recommended Security Guidelines further reduces the opportunity for exploitability," it added.

Veeam released version 13.0.1.1071 on January 6 to patch CVE-2025-59470 and to address two further flaws exploitable by a malicious Backup or Tape Operator: CVE-2025-55125 (high severity), which yields remote code execution through a malicious backup configuration file, and CVE-2025-59468 (medium severity), which does so through a malicious password parameter.
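The first thing a practitioner wants from an advisory like this is a reliable answer to "is my build affected?". The following check is an added example, not Veeam's code: it compares a VBR build number (however you obtain it from the server) against the fixed build 13.0.1.1071 and the last build the article names as affected, 13.0.1.180. It also shows the pitfall that makes such checks go wrong: a plain string comparison ranks "13.0.1.180" above "13.0.1.1071", so a naively written check would report a vulnerable server as patched. The treatment of builds between 13.0.1.180 and 13.0.1.1071, and of version 12 and earlier as out of scope, is an assumption made for the example; the article only states that 13.0.1.180 and all earlier version 13 builds are affected.

```python
"""Assess a Veeam Backup & Replication build against the January 6 fix
(added example, not Veeam code).

Assumptions not stated by the article: any version 13 build below 13.0.1.1071
is treated as unpatched, and non-13 versions are reported as out of scope.
"""
from __future__ import annotations

FIXED_BUILD = (13, 0, 1, 1071)          # first patched build, per the advisory
LAST_KNOWN_AFFECTED = (13, 0, 1, 180)   # highest build the article names as affected


def parse_build(text: str) -> tuple[int, int, int, int]:
    """Turn '13.0.1.180' into (13, 0, 1, 180); shorter strings are zero-padded.

    Raises ValueError for anything that is not a dotted run of integers, so a
    junk value from a misparsed file header cannot silently compare as "old".
    """
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted build number: {text!r}")
    nums = tuple(int(p) for p in parts)
    padded = nums + (0,) * (4 - len(nums))
    return padded  # type: ignore[return-value]


def assess(build: str) -> str:
    """Classify one build string. Numeric tuple comparison is the whole point:
    Python compares tuples element by element as integers."""
    v = parse_build(build)
    if v[0] != 13:
        return "out of scope"           # article covers version 13 only (assumption)
    if v >= FIXED_BUILD:
        return "patched"
    if v <= LAST_KNOWN_AFFECTED:
        return "vulnerable"
    # Builds in the gap are not named either way; fail closed.
    return "unpatched (between 13.0.1.180 and 13.0.1.1071, treat as vulnerable)"


def lexical_says_patched(build: str) -> bool:
    """The mistake to avoid: comparing version strings as strings.
    '1' < '8' so '13.0.1.180' sorts AFTER '13.0.1.1071' and looks patched."""
    return build >= "13.0.1.1071"


if __name__ == "__main__":
    # Constructed sample inputs; only 13.0.1.180 and 13.0.1.1071 come from the article.
    for sample in ["13.0.1.180", "13.0.1.1071", "13.0.0.1", "12.3.0.1", "13.0.1"]:
        print(f"{sample:<12} numeric: {assess(sample):<12} "
              f"lexical-says-patched: {lexical_says_patched(sample)}")
```

Running it prints "vulnerable" for 13.0.1.180 next to a lexical verdict of True, which is exactly the disagreement the numeric parser exists to prevent; wire `assess` into whatever inventory tooling you already have rather than eyeballing version strings.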

Veeam's Backup & Replication (VBR) enterprise data backup and recovery software helps create copies of critical data and applications that can be quickly restored following cyberattacks, hardware failures, or disasters.

Veeam flaws targeted by ransomware gangs

VBR is particularly popular among mid-sized to large enterprises and managed service providers, but it's also often targeted by ransomware gangs, since it can serve as a quick pivot point for lateral movement within victims' environments.

Ransomware gangs have previously told BleepingComputer that they always target victims' VBR servers because it simplifies data theft and makes it easy to block restoration efforts by deleting backups before deploying ransomware payloads.

The Cuba ransomware gang and the financially motivated FIN7 threat group (which had previously collaborated with the Conti, REvil, Maze, Egregor, and BlackBasta ransomware gangs) have also been linked to attacks targeting VBR vulnerabilities in the past.

More recently, Sophos X-Ops incident responders revealed in November 2024 that Frag ransomware exploited another VBR RCE vulnerability (CVE-2024-40711) disclosed two months earlier. The same security flaw was also used in Akira and Fog ransomware attacks targeting vulnerable Veeam backup servers starting in October 2024.

Veeam's products are used by over 550,000 customers worldwide, including 74% of Global 2000 firms and 82% of Fortune 500 companies.


Article source: https://www.bleepingcomputer.com/news/security/new-veeam-vulnerabilities-expose-backup-servers-to-rce-attacks/