logo

Veeam Backup RCE Flaw Lets Low-Privileged Domain Users Gain SYSTEM Access

ID: c5f34f1d-1b13-5313-ad4a-c57c401d33ac

STIX ID: report--c5f34f1d-1b13-5313-ad4a-c57c401d33ac

Feed Name: Cyber Press

Threat Score
80/100

Date Published: 2026-07-06

Date Updated: 2026-07-06

Author: Lucas Martin

...
...

A critical remote code execution vulnerability (CVE-2026-44963) in Veeam Backup & Replication v12 allows any authenticated domain user to execute code on domain-joined Backup Servers via BinaryFormatter deserialization; affected builds up to 12.3.2.4465 are patched in 12.3.2.4854 (June 2026). The flaw enables full compromise of backup catalogs — making it a high-risk pre-ransomware target — and Veeam notes v13 is immune after removing BinaryFormatter.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.