Local Priv Escalation in Veeam Agent for Windows via Malicious Restore
CVE-2025-48982 Published on October 30, 2025

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file.

NVD

Weakness Type

Improper Privilege Management

The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Versions

Veeam Agent for Microsoft Windows:

Version 4.7.2, <= 4.7.2 is affected.

Exploit Probability

EPSS

0.05%

Percentile

14.96%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Local Priv Escalation in Veeam Agent for Windows via Malicious RestoreCVE-2025-48982 Published on October 30, 2025

Weakness Type

Improper Privilege Management

Affected Versions

Exploit Probability

Local Priv Escalation in Veeam Agent for Windows via Malicious Restore
CVE-2025-48982 Published on October 30, 2025