{"vulnerability": "CVE-2025-23120", "sightings": [{"uuid": "6c9393f7-fd3f-4c6e-b611-e42d5dd1567f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1056", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u062c\u0632\u0627\u06cc Veeam.Backup.Core.BackupSummary \u0648 Veeam.Backup.EsxManager.xmlFrameworkDs \u0627\u0632 Veeam Backup &amp; Replication\u060c \u06cc\u06a9 \u0631\u0627\u0647 \u062d\u0644 \u062d\u0641\u0627\u0638\u062a\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u0627\u0628\u0631\u06cc\u060c \u0645\u062c\u0627\u0632\u06cc \u0648 \u0641\u06cc\u0632\u06cc\u06a9\u06cc\u060c \u0628\u0647 \u06a9\u0627\u0633\u062a\u06cc \u0647\u0627\u06cc \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 deserialization \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc \u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2025-03134\nCVE-2025-23120\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a)\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc (IDS/IPS) \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN)\u061b\n- \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n- \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646/\u062d\u0630\u0641 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0634\u062f\u0647\n\n\u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f:\nhttps://www.veeam.com/kb4724\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-03-24T17:26:05.000000Z"}, {"uuid": "0d181079-cf82-42dd-ac84-e49b9d5b9245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/439", "content": "Top Security News for Today\n\nArcane stealer: We want all your data  \nhttps://securelist.com/arcane-stealer/115919/\n\nThe Intersection of Public Policy and Cybersecurity: Building a Framework for 2025 and Beyond  \nhttps://www.tripwire.com/state-of-security/intersection-public-policy-and-cybersecurity-building-framework-2025-and-beyond\n\nHow to Secure Your Information on AWS: 10 Best Practices  \nhttps://www.tripwire.com/state-of-security/secure-information-aws-10-best-practices\n\nLinux supply chain attack journey: critical vulnerabilities on multiple distribution build &amp; packaging systems  \nhttps://www.reddit.com/r/netsec/comments/1jetbh3/linux_supply_chain_attack_journey_critical/\n\nIntroducing WEBCAT: Web-based Code Assurance and Transparency  \nhttps://www.reddit.com/r/netsec/comments/1jf1zwq/introducing_webcat_webbased_code_assurance_and/\n\nDOGE to Fired CISA Staff: Email Us Your Personal Data  \nhttps://krebsonsecurity.com/2025/03/doge-to-fired-cisa-staff-email-us-your-personal-data/\n\nBy Executive Order, We Are Banning Blacklists - Domain-Level RCE in Veeam Backup &amp; Replication (CVE-2025-23120)  \nhttps://www.reddit.com/r/netsec/comments/1jff8u9/by_executive_order_we_are_banning_blacklists/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-20T09:30:52.000000Z"}, {"uuid": "8be5dd35-e788-4774-a544-547a44fec313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/cvedetector/20757", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23120 - Microsoft Active Directory Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23120 \nPublished : March 20, 2025, 4:15 p.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability allowing remote code execution (RCE) for domain users. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T19:54:42.000000Z"}, {"uuid": "791907b8-6490-480d-947c-e9ba30780982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/CyberBulletin/2727", "content": "\u26a1Two major vendors just patched remote code execution flaws\u2014update NOW before attackers exploit them.\n\nVeeam Backup (CVE-2025-23120, 9.9/10)\nAffects v12.3.0.310 &amp; earlier\nAllows RCE by authenticated users\nFixed in v12.3.1 (12.3.1.1139)\n\nIBM AIX (CVE-2024-56346 &amp; CVE-2024-56347, 10/10 &amp; 9.6/10)\nAffects AIX 7.2 &amp; 7.3\nExploitable via NIM services\n\n\u26a0\ufe0f No attacks seen yet, but don\u2019t wait\u2014patch immediately.\n\n#CyberBulletin", "creation_timestamp": "2025-03-21T06:44:57.000000Z"}, {"uuid": "3953aead-5406-48cc-8de3-a6918ec69b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/xakep_ru/17281", "content": "RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Veeam RCE \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Veeam \u043f\u0430\u0442\u0447\u0430\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2025-23120) \u0432 Backup &amp; Replication. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 domain-joined \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438.\n\nhttps://xakep.ru/2025/03/24/backup-replication-rce/", "creation_timestamp": "2025-03-24T16:36:08.000000Z"}, {"uuid": "dcd0044c-953f-497f-9d8b-0c0d588e0cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3ll2hatakes2e", "content": "", "creation_timestamp": "2025-03-23T14:28:40.353188Z"}, {"uuid": "9b088a59-7e8f-40fd-af82-9ac257bb692f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/etguenni.bsky.social/post/3lkrbxa63js2j", "content": "", "creation_timestamp": "2025-03-19T22:59:50.782002Z"}, {"uuid": "9bf9cc25-5faf-452f-910c-197fe1cdc326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/etguenni.bsky.social/post/3lkrbxftwuk2o", "content": "", "creation_timestamp": "2025-03-19T22:59:56.337301Z"}, {"uuid": "41960116-37ce-4535-8267-eb21fed0886c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lktta3up7l2h", "content": "", "creation_timestamp": "2025-03-20T23:14:20.136274Z"}, {"uuid": "9cf999cc-d447-457e-9e7d-491816788594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkrpbkcxs72x", "content": "", "creation_timestamp": "2025-03-20T02:58:14.287767Z"}, {"uuid": "daf7bd45-0c59-4138-beb9-26060d028d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114192533862856227", "content": "", "creation_timestamp": "2025-03-20T03:03:07.525291Z"}, {"uuid": "50fecfda-4991-4db6-8ed0-b4445f23264b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114192539179526680", "content": "", "creation_timestamp": "2025-03-20T03:04:28.469348Z"}, {"uuid": "f102ddcf-98e7-4190-9148-6ee48d451a36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lkrqqlqo6b27", "content": "", "creation_timestamp": "2025-03-20T03:24:32.445153Z"}, {"uuid": "80551df0-3db6-42a4-8f04-0199c9efebf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3ll3mmh2jpl2y", "content": "", "creation_timestamp": "2025-03-24T01:37:15.646486Z"}, {"uuid": "4c956104-505a-46d1-923d-95139df49915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/cyb3rint3l.bsky.social/post/3lksd2ufgus2c", "content": "", "creation_timestamp": "2025-03-20T08:52:29.533705Z"}, {"uuid": "d558647b-39a5-4eca-82bb-a244227416fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/cyb3rint3l.bsky.social/post/3lksd2wld7c2c", "content": "", "creation_timestamp": "2025-03-20T08:52:30.067876Z"}, {"uuid": "f74bcc0a-9166-496b-b5a5-b8c64b118917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lksd5sang22q", "content": "", "creation_timestamp": "2025-03-20T08:54:07.192994Z"}, {"uuid": "6171b369-10a8-48b0-aad8-a8b5fd3903ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkt6slkwhb24", "content": "", "creation_timestamp": "2025-03-20T17:08:57.342992Z"}, {"uuid": "c9a3571d-455e-4b62-9ce4-bec0829deada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-a2b140a1-f315c2e17381144a", "content": "", "creation_timestamp": "2025-03-20T17:51:19.398201Z"}, {"uuid": "505b70a9-ab5a-44f3-bdf9-b965594ba416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114196251343725120", "content": "", "creation_timestamp": "2025-03-20T18:48:32.103039Z"}, {"uuid": "a84d6e06-3a7c-46f3-a712-93759909c249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lktlgx2twg2k", "content": "", "creation_timestamp": "2025-03-20T20:54:59.295134Z"}, {"uuid": "1fff9144-848f-4cba-9a4e-bcfc3c8a53f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-091-01", "content": "", "creation_timestamp": "2025-04-01T10:00:00.000000Z"}, {"uuid": "94f9d3e2-f005-44d4-a438-2e51fd1511f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-4ebdede6-5217a3193b0d7a46", "content": "", "creation_timestamp": "2025-07-10T09:25:22.814277Z"}, {"uuid": "a42f0f17-a6da-4f15-8699-78dd4b0e5dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:37.000000Z"}, {"uuid": "1bbb40ee-4803-41ca-8d6e-7ff9116b5f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8220", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23120\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability allowing remote code execution (RCE) for domain users.\n\ud83d\udccf Published: 2025-03-20T15:11:39.456Z\n\ud83d\udccf Modified: 2025-03-20T16:13:01.660Z\n\ud83d\udd17 References:\n1. https://www.veeam.com/kb4724", "creation_timestamp": "2025-03-20T16:18:06.000000Z"}, {"uuid": "54cff414-5288-4703-ae45-0bdb3b6ab87d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/BleepingComputer/21762", "content": "\u200aVeeam RCE bug lets domain users hack backup servers, patch now\n\nVeeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its\u00a0Backup &amp; Replication software that impacts domain-joined installations. [...]\n\nhttps://www.bleepingcomputer.com/news/security/veeam-rce-bug-lets-domain-users-hack-backup-servers-patch-now/", "creation_timestamp": "2025-03-20T23:47:45.000000Z"}, {"uuid": "4122c555-b990-460c-827a-e4652af83f9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/ViralCyber/11850", "content": "\ud83d\udca2 \u0627\u062e\u06cc\u0631\u0627 Veeam \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2025-23120 \u06a9\u0647 \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 Backup &amp; Replication \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0648\u0635\u0644\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\u2747\ufe0f \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u060c Veeam Backup &amp; Replication \u0646\u0633\u062e\u0647 12, 12.1, 12.2, 12.3, 12.3.0.310 \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f. \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u062f\u0631 \u0646\u0633\u062e\u0647 12.3.1 (build 12.3.1.1139) \u06a9\u0647 \u0628\u0647 \u062a\u0627\u0632\u06af\u06cc \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\ud83d\udeab\u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u0627\u0632 \u0646\u0633\u062e\u0647 \u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 Veeam Backup &amp; Replication \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u062f\u060c \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0646\u0633\u062e\u0647 12.3.1 \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u06cc\u062f.\n \n\u00a0\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2025-03-24T14:23:52.000000Z"}, {"uuid": "f86020e9-6deb-4b58-8fbd-304dffc3585a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/503", "content": "CVE-2025-23120: Domain-Level RCE in Veeam Backup &amp; Replication\n\nhttps://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/\n\nAffected Product: \nVeeam Backup &amp; Replication 12.3.0.310 and all\u00a0earlier version 12 builds.\n\nPatched: March 19, 2025\n\n#ad #pentest #redteam #rce", "creation_timestamp": "2025-03-25T18:52:19.000000Z"}, {"uuid": "637b348a-bb7b-4d52-9472-ff3e22907bd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6866", "content": "Veeam \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2025-23120, \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e \u0434\u043b\u044f \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0440\u0435\u043f\u043b\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438, \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u0435 \u043a \u0434\u043e\u043c\u0435\u043d\u0443 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0434\u043e\u043c\u0435\u043d\u0430 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u0447\u0435\u0440\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Veeam Backup &amp; Replication \u0432\u0435\u0440\u0441\u0438\u0438 12.3.0.310 (\u0438 \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0441\u0431\u043e\u0440\u043a\u0438 \u0432\u0435\u0440\u0441\u0438\u0438 12).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 12.3.1 (\u0441\u0431\u043e\u0440\u043a\u0430 12.3.1.1139), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 watchTowr Labs, CVE-2025-23120\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u043a\u043b\u0430\u0441\u0441\u0430\u0445 Veeam.Backup.EsxManager.xmlFrameworkDs \u0438 Veeam.Backup.Core.BackupSummary .NET.\n\n\u041e\u043d\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0438\u043b\u0438 \u0433\u0430\u0434\u0436\u0435\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0434\u0440\u0443\u0433\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 RCE, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0424\u043b\u043e\u0440\u0438\u0430\u043d\u043e\u043c \u0425\u0430\u0443\u0437\u0435\u0440\u043e\u043c, Veeam \u0432\u0432\u0435\u043b\u0430 \u0447\u0435\u0440\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u0438\u043b\u0438 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b.\n\n\u041e\u0434\u043d\u0430\u043a\u043e watchTowr \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u0439\u0442\u0438 \u0434\u0440\u0443\u0433\u0443\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0433\u0430\u0434\u0436\u0435\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u043d\u0435\u0441\u0435\u043d\u0430 \u0432 \u0447\u0435\u0440\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a, \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0425\u043e\u0440\u043e\u0448\u0435\u0439 \u043d\u043e\u0432\u043e\u0441\u0442\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Veeam Backup &amp; Replication, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u043a \u0434\u043e\u043c\u0435\u043d\u0443. \n\n\u041f\u043b\u043e\u0445\u0430\u044f \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043b\u044e\u0431\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0434\u043e\u043c\u0435\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0435 \u043b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0432 \u044d\u0442\u0438\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445.\n\n\u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u043c\u043d\u043e\u0433\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Veeam \u043a \u0434\u043e\u043c\u0435\u043d\u0443 Windows, \u043f\u0440\u043e\u0438\u0433\u043d\u043e\u0440\u0438\u0440\u043e\u0432\u0430\u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0414\u0430\u0436\u0435 \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u044b Veeam Backup &amp; Replication \u0431\u044b\u043b\u0438 \u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043b\u044e\u0431\u0438\u043c\u043e\u0439 \u0438\u0433\u0440\u0443\u0448\u043a\u043e\u0439 \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u043f\u043e\u043d\u044f\u0442\u043d\u044b\u043c \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043f\u043e\u043a\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e, watchTowr \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043c\u043e\u043c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0442\u0430\u043a \u0447\u0442\u043e, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d PoC.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u043c Veeam Backup &amp; Replication, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 12.3.1 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435, \u0430 \u0432 \u0438\u0434\u0435\u0430\u043b\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0442 \u0434\u043e\u043c\u0435\u043d\u0430.", "creation_timestamp": "2025-03-21T16:50:05.000000Z"}, {"uuid": "c1529595-38d3-42f8-8580-5c80c2df786a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1594", "content": "CVE-2025-23120: Domain-Level RCE in Veeam Backup &amp; Replication\n\nhttps://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/\n\nAffected Product: \nVeeam Backup &amp; Replication 12.3.0.310 and all\u00a0earlier version 12 builds.\n\nPatched: March 19, 2025\n\n#ad #pentest #redteam #rce", "creation_timestamp": "2025-03-20T07:10:29.000000Z"}, {"uuid": "04e76f0b-6e45-400c-ad0a-4c409b0d8c60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/ctinow/232630", "content": "Veeam fixed critical Backup &amp; Replication flaw CVE-2025-23120\nhttps://ift.tt/Q5fBurK", "creation_timestamp": "2025-03-20T21:19:10.000000Z"}, {"uuid": "b4f1e5af-9cf6-4388-960e-c71714b89886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9747", "content": "By Executive Order, We Are Banning Blacklists - Domain-Level RCE in Veeam Backup &amp; Replication (CVE-2025-23120)\n\nhttps://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/", "creation_timestamp": "2025-03-20T16:48:02.000000Z"}, {"uuid": "ff15cec5-1392-4647-86b5-b2038cd0984f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11952", "content": "#Threat_Research\n1. Legacy Driver Exploitation Through Bypassing Certificate Verification\nhttps://asec.ahnlab.com/en/86881\n2. Domain-Level RCE in Veeam Backup &amp; Replication (CVE-2025-23120)\nhttps://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120\n3. BMC&amp;C Vulnerabilities\nhttps://eclypsium.com/blog/ami-megarac-vulnerabilities-bmc-part-3", "creation_timestamp": "2025-03-21T11:57:01.000000Z"}, {"uuid": "36a826c1-c675-42be-83ad-c8409df24baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114191236315023587", "content": "", "creation_timestamp": "2025-03-19T21:33:08.191373Z"}, {"uuid": "976af90a-01a3-4c66-8099-7ae47b01a1c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lktvysa3xs2s", "content": "", "creation_timestamp": "2025-03-21T00:03:59.616752Z"}, {"uuid": "d60ae29f-2504-4e83-9bb0-7d2951df5af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/insightsintothings.bsky.social/post/3lkvmgjb4t227", "content": "", "creation_timestamp": "2025-03-21T16:17:58.257720Z"}, {"uuid": "c02fc67c-32f2-413f-9c8d-d026eaae6c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lktzhktt6p2p", "content": "", "creation_timestamp": "2025-03-21T01:05:53.123164Z"}, {"uuid": "170ee3f9-2d7b-44c6-8779-8b86e4e0d403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lkueke57dt2p", "content": "", "creation_timestamp": "2025-03-21T04:24:17.304322Z"}, {"uuid": "6f50cc7e-8e8e-4861-9e88-3579961586b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkz3ncarn22c", "content": "", "creation_timestamp": "2025-03-23T01:28:11.860071Z"}, {"uuid": "e44baf21-4630-486e-929e-563c4bde8e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lkz3sh5xqs2c", "content": "", "creation_timestamp": "2025-03-23T01:31:07.735106Z"}, {"uuid": "6b0784d8-5b80-439e-8d6b-f10715bf4bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114195058361841699", "content": "", "creation_timestamp": "2025-03-20T13:45:07.933656Z"}, {"uuid": "de6b714f-5584-4318-bc66-52877a633e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lksth6fkns2x", "content": "", "creation_timestamp": "2025-03-20T13:45:37.674287Z"}, {"uuid": "3165eed9-6610-4243-901d-56bc90076a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3lkunb4qmkc2e", "content": "", "creation_timestamp": "2025-03-21T07:00:12.001610Z"}, {"uuid": "da66c133-97e7-498c-a247-f3c793b4212d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://swecyb.com/users/nopatience/statuses/114193563817670426", "content": "", "creation_timestamp": "2025-03-20T07:25:11.882000Z"}, {"uuid": "73c0c77c-331e-48e8-9cc9-b3acf1ec9136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/workinghardinit.bsky.social/post/3lks7nxbq3k2x", "content": "", "creation_timestamp": "2025-03-20T07:48:52.467861Z"}, {"uuid": "59c50cdd-d976-4f84-9c06-66eb601e08bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/chudypb.bsky.social/post/3lks7sewez224", "content": "", "creation_timestamp": "2025-03-20T07:54:00.146391Z"}, {"uuid": "cec1075a-043c-4e59-9231-3fc4eae73037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lkxebygosy2l", "content": "", "creation_timestamp": "2025-03-22T08:57:35.816656Z"}, {"uuid": "2c2b4b44-7aca-47ec-90cd-8fc459f44d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/114193720052060529", "content": "", "creation_timestamp": "2025-03-20T08:04:47.023456Z"}, {"uuid": "d0a91915-684e-4a1f-8eac-e92d1a258fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkuwvvxhfs2x", "content": "", "creation_timestamp": "2025-03-21T09:52:52.538901Z"}, {"uuid": "ac679685-4bea-421b-9772-eb624c5817e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3ll3zrrxw222d", "content": "", "creation_timestamp": "2025-03-24T05:32:57.137504Z"}, {"uuid": "30f9a354-32fb-42e6-b5b0-b9f4d0adbba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/sparrrgh.me/post/3ll4evkn7is2u", "content": "", "creation_timestamp": "2025-03-24T08:51:54.642241Z"}, {"uuid": "9092f30a-70da-4b55-8025-6ec2a3992c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lkuzrbllck2v", "content": "", "creation_timestamp": "2025-03-21T10:44:00.933436Z"}, {"uuid": "931f746c-8508-4aa6-b920-3774e7549199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lktjikpz2r2u", "content": "", "creation_timestamp": "2025-03-20T20:20:07.451946Z"}, {"uuid": "6f3665b2-490d-4230-94d8-7301fd55a281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/rapid7.com/post/3lkslzmpwh226", "content": "", "creation_timestamp": "2025-03-20T11:32:47.475069Z"}, {"uuid": "a9a7f9e9-8801-4711-96d1-7c339e06ef61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lrstwsbazg2z", "content": "", "creation_timestamp": "2025-06-17T15:50:43.073933Z"}, {"uuid": "369f1b03-4eee-4056-aeea-7af6d6214ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/claytechsolution/264", "content": "The Hacker News\nVeeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems\n\nVeeam has released security updates to address a critical security flaw impacting its Backup &amp; Replication software that could lead to remote code execution.\nThe vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds.\n\"A vulnerability allowing remote code execution (RCE) by authenticated domain users,\" the", "creation_timestamp": "2025-03-20T16:57:59.000000Z"}, {"uuid": "131cf12f-e1a9-4fbe-8885-ceaad7431575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/kasperskyb2b/1674", "content": "\u27a1\ufe0f \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udca1 \u041e\u0442\u0447\u0451\u0442 \u043e \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0432 2024 \u0433\u043e\u0434\u0443: \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043f\u0440\u043e\u0444\u0438\u043b\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0438 \u0436\u0435\u0440\u0442\u0432, \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u044b\u0445 \u0442\u0430\u043a\u0442\u0438\u043a, \u0442\u0435\u0445\u043d\u0438\u043a \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \n\n\ud83d\udd35\u041f\u043e\u0441\u0442\u0443\u043f\u0430\u044e\u0442 \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 GitHub-\u043f\u0440\u043e\u0446\u0435\u0441\u0441 tj-actions/changed-file, \u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u043b\u0438\u0448\u044c \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u043c \u0437\u0432\u0435\u043d\u043e\u043c \u0432 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 Coinbase. \u0427\u0442\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435, \u043f\u043e\u0445\u043e\u0436\u0435, \u0438\u0437 \u0415\u0432\u0440\u043e\u043f\u044b (\u0430 \u043d\u0435 \u043a\u0430\u043a \u0432\u044b \u043f\u043e\u0434\u0443\u043c\u0430\u043b\u0438, \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0432 \u0441\u043b\u043e\u0432\u043e Coinbase).\n\n\u26aa\ufe0f\u041b\u0430\u043d\u0434\u0448\u0430\u0444\u0442 \u0443\u0433\u0440\u043e\u0437 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438. \u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e \u043c\u0438\u0440\u0443 \u0432 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0447\u0438\u0441\u043b\u043e \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0410\u0421\u0423 \u0422\u041f \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c, \u043d\u043e \u0432 8 \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0420\u043e\u0441\u0441\u0438\u044e, \u043e\u0442\u043c\u0435\u0447\u0435\u043d \u0440\u043e\u0441\u0442.\n\n\ud83d\udfe1\u041d\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f APT Mirror Face/Earth Kasha/APT10 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u0433\u043e\u0441\u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u043a\u043e\u0441\u043c\u043e\u0441\u0430, \u043a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u0430 \u0438 \u0421\u041c\u0418. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u044d\u043a\u0434\u043e\u0440 Uppercut/Anel \u0438 AsyncRAT.\n\n\ud83d\udd35\u0413\u0440\u0443\u043f\u043f\u0430 UAT-5918, \u043f\u0435\u0440\u0435\u0441\u0435\u043a\u0430\u044e\u0449\u0430\u044f\u0441\u044f \u0441 Volt Typhoon/Flax Typhoon/Earth Estries, \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u0433\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435. \n\n\ud83d\udd35\u0420\u0430\u0437\u0431\u043e\u0440 \u0441\u043b\u043e\u0436\u043d\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430 Betruger, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 RansomHub.\n\n\ud83d\udfe2\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-23120 \u0432 Veeam Backup &amp; Replication \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE. \n\n\ud83d\udfe2\u0427\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0445\u0443\u0436\u0435 \u00ab\u0443\u043c\u043d\u043e\u0433\u043e \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00bb? \u0422\u043e\u043b\u044c\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0443\u043c\u043d\u043e\u0433\u043e \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u044d\u0442\u043e Cisco.\n\n\ud83d\udfe3\u041d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 \u0432\u044b\u0448\u043b\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043e \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-29927 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Next.js, \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441 CVSS 9.1. \u0412 Shodan \u0441\u0432\u0435\u0442\u0438\u0442\u0441\u044f 300 \u0442\u044b\u0441\u044f\u0447 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.  \n\n\ud83d\udd35\u0414\u0440\u0435\u0432\u043d\u0438\u0439 \u043e\u0431\u0440\u0430\u0437\u0435\u0446 ransomware Albabat \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e \u043e\u0431\u0437\u0430\u0432\u0451\u043b\u0441\u044f \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u0434\u043b\u044f macOS \u0438 Linux.\n\n\ud83d\udfe3\u041e\u0442\u0447\u0451\u0442 \u043e \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0430\u0440\u0442\u0438\u0441\u0442\u043e\u0432 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 BlackLock, \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a ElDorado.\n\n\ud83d\udfe3\u041c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0430\u044f \u0441\u0435\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 2016 \u0433\u043e\u0434\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u04212 \u0438 TDS. \u0410\u0432\u0442\u043e\u0440\u044b \u044d\u0442\u043e\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e DollyWay, \u0434\u0430\u0436\u0435 \u043f\u0430\u0442\u0447\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u00ab\u0441\u0432\u043e\u0438\u0445\u00bb \u0441\u0430\u0439\u0442\u0430\u0445 \u0438 \u0432\u044b\u0447\u0438\u0449\u0430\u044e\u0442 \u0412\u041f\u041e \u043a\u043e\u043d\u043a\u0443\u0440\u0435\u043d\u0442\u043e\u0432.\n\n\ud83d\udfe2\u041d\u043e\u0432\u044b\u0439 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440 SVC, \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0444\u0438\u0448\u0438\u043d\u0433 \u0441 \u044f\u043d\u0432\u0430\u0440\u044f, \u0432\u043e\u0440\u0443\u0435\u0442 \u0432\u0441\u0451 \u0447\u0442\u043e \u043e\u0431\u044b\u0447\u043d\u043e, \u043f\u043b\u044e\u0441 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0445 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u043e\u0432.\n\n\ud83d\udfe3\u0410 Arcane stealer \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 Youtube. \n\n\u2733\ufe0f \u041d\u0435 \u0441\u043e\u0432\u0441\u0435\u043c \u043f\u043e \u043f\u0440\u043e\u0444\u0438\u043b\u044e \u043a\u0430\u043d\u0430\u043b\u0430, \u043d\u043e \u043f\u0440\u043e\u0439\u0442\u0438 \u043c\u0438\u043c\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u043c: \u0433\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u0443 Keenetic \u0443\u0442\u0435\u043a\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u043e\u0442 \u043d\u0430\u043a\u043e\u043d\u0435\u0446 \u043e\u043d\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u0442\u044c \u043e\u0431 \u044d\u0442\u043e\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c. \u041d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u043e\u0447\u0435\u043d\u044c \u043c\u043d\u043e\u0433\u043e \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0430\u0440\u043e\u043b\u0438 Wi-Fi \u0438 \u043a\u043b\u044e\u0447\u0438 VPN.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-03-24T09:54:25.000000Z"}, {"uuid": "9b88ff8a-7e58-4e93-98c3-4ec17a20a46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://t.me/thehackernews/6526", "content": "Two major vendors just patched remote code execution flaws\u2014update NOW before attackers exploit them.\n\n\ud83d\udd34 Veeam Backup (CVE-2025-23120, 9.9/10)\n\u27a1\ufe0f Affects v12.3.0.310 &amp; earlier\n\u27a1\ufe0f Allows RCE by authenticated users\n\u27a1\ufe0f Fixed in v12.3.1 (12.3.1.1139)\n\n\ud83d\udd34 IBM AIX (CVE-2024-56346 &amp; CVE-2024-56347, 10/10 &amp; 9.6/10)\n\u27a1\ufe0f Affects AIX 7.2 &amp; 7.3\n\u27a1\ufe0f Exploitable via NIM services\n\n\u26a0\ufe0f No attacks seen yet, but don\u2019t wait\u2014patch immediately.\n\nFull details: https://thehackernews.com/2025/03/veeam-and-ibm-release-patches-for-high.html", "creation_timestamp": "2025-03-20T15:03:48.000000Z"}, {"uuid": "9dafb306-43af-4698-9c31-6948e50d6acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/theunicornxxl.bsky.social/post/3lkxwh7hxw22v", "content": "", "creation_timestamp": "2025-03-22T14:22:41.049137Z"}, {"uuid": "c9875140-ab4f-4cd9-a4e3-e5a5909845a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lksokj3cz22r", "content": "", "creation_timestamp": "2025-03-20T12:18:04.734618Z"}, {"uuid": "f0339348-0268-4cc6-af82-2e08da31a75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lkson72ack2r", "content": "", "creation_timestamp": "2025-03-20T12:19:32.835745Z"}, {"uuid": "0ae5ba26-fd2e-4741-aba7-f526d2f3369b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114197151380174688", "content": "", "creation_timestamp": "2025-03-20T22:37:26.293089Z"}, {"uuid": "ffdca6d3-2581-41b9-be3c-67cab1362ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3lkvesc3ohj2b", "content": "", "creation_timestamp": "2025-03-21T14:01:23.881546Z"}, {"uuid": "31241357-4307-43d7-a18f-8e5ed3a2fb10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkvezsc5ak2x", "content": "", "creation_timestamp": "2025-03-21T14:05:35.973358Z"}, {"uuid": "9af6bc27-a98c-43c2-9ca6-b413791db4f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/catc0n/statuses/114191617178926285", "content": "", "creation_timestamp": "2025-03-19T23:09:59.742802Z"}, {"uuid": "b6cbdd56-0dba-451d-a1eb-2cd4dce53508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3lktu6lmngc2r", "content": "", "creation_timestamp": "2025-03-20T23:31:23.180000Z"}, {"uuid": "a4ebb6e9-fb3b-4915-a827-24517990112c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lktuoz7kd32u", "content": "", "creation_timestamp": "2025-03-20T23:40:34.805050Z"}, {"uuid": "881da14d-dcb5-4b6e-8e48-7e1f1fb5e596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/ben.hybridby.design/post/3lks5nncgx226", "content": "", "creation_timestamp": "2025-03-20T07:15:36.596201Z"}, {"uuid": "0eeb945e-9978-4d68-bb5e-4f6a88a60b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkt57eolit24", "content": "", "creation_timestamp": "2025-03-20T16:40:12.684740Z"}, {"uuid": "1b503d16-7232-49f5-a66f-e14bbee878e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://thehackernews.com/2025/03/veeam-and-ibm-release-patches-for-high.html", "content": "", "creation_timestamp": "2025-03-20T12:43:00.000000Z"}, {"uuid": "61b82e90-d18e-4db5-9465-9208c256f588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3lksdu6lz5x42", "content": "", "creation_timestamp": "2025-03-20T09:06:50.517248Z"}, {"uuid": "4c3b35e9-bb4a-4ffc-a99d-ac071f6f794f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/114193962278629715", "content": "", "creation_timestamp": "2025-03-20T09:06:23.107771Z"}, {"uuid": "83df3894-9eab-4a7b-8701-fa28aa73730f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llrdx7pp7z2s", "content": "", "creation_timestamp": "2025-04-01T17:00:48.226419Z"}, {"uuid": "b76cd7fa-206b-4a7c-a628-e7cd0c7082f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/codewhitesec.bsky.social/post/3llhaof4z3s24", "content": "", "creation_timestamp": "2025-03-28T16:35:33.203945Z"}, {"uuid": "c5470d46-4c2a-4ed6-9153-325dc2d1361f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ln32cpzg6j2b", "content": "", "creation_timestamp": "2025-04-18T07:00:06.532659Z"}, {"uuid": "9f85421c-eb28-4231-98cf-7a65c9d45331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23120", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-48bf1705-e4ed9a203a541613", "content": "", "creation_timestamp": "2025-06-19T14:56:49.411748Z"}, {"uuid": "86cf5b76-8242-4e0b-a67d-baa7a767d403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23120", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}]}