CVE-2023-27532

HIGH KEV RANSOMWARE

Veeam Backup & Replication < 11.0.1.1261 - Missing Authentication

Title source: rule

Description

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.

Exploits (4)

nomisec WORKING POC 115 stars
by sfewer-r7 · remote
https://github.com/sfewer-r7/CVE-2023-27532
nomisec WORKING POC 71 stars
by horizon3ai · infoleak
https://github.com/horizon3ai/CVE-2023-27532
nomisec SCANNER
by yunus-a1i · poc
https://github.com/yunus-a1i/veeam-cve-2023-27532-mock
nomisec WORKING POC
by puckiestyle · remote
https://github.com/puckiestyle/CVE-2023-27532-RCE-Only

Scores

CVSS v3 7.5
EPSS 0.8360
EPSS Percentile 99.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2023-08-22
VulnCheck KEV 2023-04-26
InTheWild.io 2023-08-22
ENISA EUVD EUVD-2023-31287
Ransomware Use Confirmed
CWE CWE-306
Status published
Products (3)
veeam/veeam_backup_&_replication 11.0.1.1261 (4 CPE variants)
veeam/veeam_backup_&_replication 12.0.0.1420
veeam/veeam_backup_&_replication < 11.0.1.1261
Published Mar 10, 2023
KEV Added Aug 22, 2023
Tracked Since Feb 18, 2026