Veeam Backup RCE Flaw Lets Low-Privileged Domain Users Gain SYSTEM Access
ID: c5f34f1d-1b13-5313-ad4a-c57c401d33ac
STIX ID: report--c5f34f1d-1b13-5313-ad4a-c57c401d33ac
Feed Name: Cyber Press
Threat Score
A critical remote code execution vulnerability (CVE-2026-44963) in Veeam Backup & Replication v12 allows any authenticated domain user to execute code on domain-joined Backup Servers via BinaryFormatter deserialization; affected builds up to 12.3.2.4465 are patched in 12.3.2.4854 (June 2026). The flaw enables full compromise of backup catalogs — making it a high-risk pre-ransomware target — and Veeam notes v13 is immune after removing BinaryFormatter.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
