Rockwell Automation Lifecycle Services with Veeam Backup and Replication

Back to Archive

Source

CISA_ICS

Published

4-1-2025

CVE IDs

CVE-2025-23120

Affected Products

VersaVirtual Appliance (VVA) with Veeam, Industrial Data Center (IDC) with Veeam

Summary

Successful exploitation of this vulnerability could allow an attacker with administrative privileges to execute code on the target system.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-091-01https://www.cve.org/CVERecord?id=CVE-2025-23120https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H