logo

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

ID: fcd0ce0c-6a7c-5f87-91e5-da9f7c0964a7

STIX ID: report--fcd0ce0c-6a7c-5f87-91e5-da9f7c0964a7

Feed Name: Security Affairs

Threat Score
75/100

Date Published: 2026-06-09

Date Updated: 2026-06-10

Author: Pierluigi Paganini

...
...

**Veeam patched a critical RCE (CVE-2026-44963, CVSS 9.4) in Backup & Replication 12.x that can allow low‑privileged domain users to execute code on backup servers; the fix is in 12.3.2.4854 and 13.x is unaffected — no in-the-wild exploitation reported, but risk is high because compromised backup infrastructure enables ransomware and large-scale recovery impact.**

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.