What is CVE-2023-27532?

CVE-2023-27532 is a high-severity vulnerability in Veeam Backup & Replication that exposes encrypted credentials, allowing unauthorized access to backup infrastructure. Immediate action is necessary to mitigate risks.

What is the severity of CVE-2023-27532?

CVE-2023-27532 has a severity rating of HIGH with a CVSS base score of 7.5.

Is CVE-2023-27532 in CISA KEV?

Yes. CVE-2023-27532 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2023-27532 | High Vulnerability in Veeam Backup & Replication

CVE-2023-27532 is a high-severity vulnerability affecting Veeam Backup & Replication. This vulnerability allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts, posing significant security risks.

The CVSS score for this vulnerability is 7.5, indicating a high severity level. Organizations utilizing Veeam Backup & Replication must prioritize this vulnerability in their remediation efforts to mitigate potential unauthorized access.

Risk to organizations includes unauthorized access to sensitive information stored within backup systems, which could lead to further exploitation or data breaches. Organizations should address this vulnerability immediately to safeguard their infrastructure.

This vulnerability is actively tracked in the Known Exploited Vulnerabilities (KEV) catalog and is subject to known exploitation, increasing the urgency for organizations to implement necessary patches and mitigations.

Vulnerability Details

The vulnerability in Veeam Backup & Replication is characterized as a missing authentication for critical functions, allowing unauthenticated users within the backup infrastructure network perimeter to access encrypted credentials. The CVE-2023-27532 has a CVSS score of 7.5, classified as high severity, indicating that organizations should act swiftly.

The vulnerability was published on March 10, 2023, and identified as CWE-306. The affected product is Veeam Backup & Replication, specifically versions prior to the vendor patch.

Technical Analysis

The root cause of CVE-2023-27532 is a lack of authentication mechanisms for critical functions within Veeam Backup & Replication, which enables attackers to exploit this vulnerability. The attack vector is network-based with low complexity, requiring no privileges or user interaction. The confidentiality impact is high, as attackers may gain access to sensitive encrypted credentials, while there is no integrity or availability impact.

Risk & Impact Analysis

Real-world deployment risk associated with CVE-2023-27532 is significant due to its ability to compromise backup infrastructures that may contain sensitive data. Organizations must recognize the potential blast radius, as unauthorized access could enable further attacks or data loss.

Organizations should prioritize patching immediately. The vulnerability's presence in the KEV catalog and the high EPSS score (0.842) indicates an urgent need for remediation to protect their systems.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	Yes
Ransomware Use	Yes

Affected Versions

The following versions of Veeam Backup & Replication are affected by CVE-2023-27532: All versions prior to vendor patch, specifically versions below 11.0.1.1261 and 12.0.0.1420.

Mitigation & Remediation

To mitigate the risks associated with CVE-2023-27532, organizations should apply the vendor's patches as soon as they are made available. For those unable to immediately apply patches, implementing strict network controls and monitoring for unusual access patterns can help reduce exposure. Organizations may validate remediation through penetration testing to ensure that the vulnerability has been addressed effectively.

Detection Guidance

Organizations should monitor their logs for indicators of unauthorized access attempts related to CVE-2023-27532. Behavioral anomalies, such as unusual login patterns or access to sensitive configurations, should be investigated promptly.

AppSecure Threat Intelligence Insight

CVE-2023-27532 highlights ongoing vulnerabilities within backup infrastructures that can be exploited if not properly secured. Security teams should prioritize vulnerabilities like this in their patching cycles and maintain awareness of the latest threats. For further reading on improving application security, consider exploring our resources on penetration testing methodology and vulnerability management programs to enhance defensive strategies against such vulnerabilities.

Additionally, integrating a comprehensive API security assessment can provide an added layer of security for organizations relying on cloud services.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-27532: High Vulnerability in Veeam Backup & Replication