CVE-2025-48983
Published: 31 October 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-48983 is a critical vulnerability in the Mount service of Veeam Backup & Replication that allows remote code execution (RCE) on backup infrastructure hosts. Published on 2025-10-31, it carries a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) and is associated with CWE-284 (Improper Access Control).
The vulnerability can be exploited remotely by an authenticated domain user with low privileges. An attacker needs only network access (AV:N); attack complexity is low (AC:L) and no user interaction is required (UI:N). Successful exploitation grants RCE on the affected backup hosts, with high impact on confidentiality, integrity, and availability and a changed scope (S:C).
Mitigation details are available in the official Veeam knowledge base article at https://www.veeam.com/kb4771.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability lets a low-privileged authenticated domain user achieve remote code execution (RCE) through the Mount service. That maps to Exploitation of Remote Services (T1210), which is used for lateral movement, and to Exploitation for Privilege Escalation (T1068), because of the privilege increase and changed scope.