New Veeam vulnerability exposes backup servers to RCE attacks
ID: 1d1fd0fd-d152-5abf-9355-8c8274c80e55
STIX ID: report--1d1fd0fd-d152-5abf-9355-8c8274c80e55
Feed Name: Bleeping Computer
Veeam released security updates to fix CVE-2026-44963, a critical RCE in Veeam Backup & Replication 12.x that permits an authenticated low-privilege domain user to run code on domain-joined backup servers; the flaw is patched in 12.3.2.4854 and is not present in 13.x. Organizations are urged to apply updates promptly because backup servers are high-value targets for ransomware operations that have historically weaponized Veeam vulnerabilities, even though the advisory reports no active exploitation yet.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
