Vulners
Lucene search
Veeam Backup and Replication 13.x < 13.0.1.2067 Multiple Vulnerabilities (KB4738 / KB4831)
| Reporter | Title | Published | Views | Family All 70 |
|---|---|---|---|---|
 | CVE-2026-21672 | 12 Mar 202616:26 | – | attackerkb |
| CVE-2026-21671 | 12 Mar 202615:09 | – | attackerkb |
| CVE-2026-21709 | 17 Apr 202615:32 | – | attackerkb |
| CVE-2026-21670 | 12 Mar 202615:09 | – | attackerkb |
| CVE-2026-21708 | 12 Mar 202616:26 | – | attackerkb |
| CVE-2026-21669 | 12 Mar 202615:09 | – | attackerkb |
 | CVE-2026-21669 | 12 Mar 202614:10 | – | circl |
| CVE-2026-21670 | 12 Mar 202614:10 | – | circl |
| CVE-2026-21671 | 12 Mar 202614:10 | – | circl |
| CVE-2026-21672 | 12 Mar 202614:10 | – | circl |
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(303202);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/23");
script_cve_id(
"CVE-2026-21669",
"CVE-2026-21670",
"CVE-2026-21671",
"CVE-2026-21672",
"CVE-2026-21708",
"CVE-2026-21709"
);
script_xref(name:"IAVA", value:"2026-A-0244");
script_name(english:"Veeam Backup and Replication 13.x < 13.0.1.2067 Multiple Vulnerabilities (KB4738 / KB4831)");
script_set_attribute(attribute:"synopsis", value:
"The version of Veeam Backup and Replication installed on the remote Windows host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Veeam Backup and Replication installed on the remote Windows host is prior to 13.0.1.2067. It is,
therefore, affected by multiple vulnerabilities:
- A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup
Server. (CVE-2026-21669)
- A vulnerability allowing a low-privileged user to extract saved SSH credentials. (CVE-2026-21670)
- A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code
execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. (CVE-2026-21671)
- A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
(CVE-2026-21672)
- A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.
(CVE-2026-21708)
- A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature
Enforcement. (CVE-2026-21709)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.veeam.com/kb4738");
script_set_attribute(attribute:"see_also", value:"https://www.veeam.com/kb4831");
script_set_attribute(attribute:"solution", value:
"Upgrade to Veeam Backup and Replication version 13.0.1.2067 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-21669");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2026-21670");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/03/12");
script_set_attribute(attribute:"patch_publication_date", value:"2026/03/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:veeam:backup_and_replication");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("veeam_backup_and_replication_win_installed.nbin");
script_require_keys("SMB/Registry/Enumerated", "installed_sw/Veeam Backup and Replication");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'requires': [
{'scope': 'target', 'match': {'os': 'windows'}}
],
'checks': [
{
'product': {'name': 'Veeam Backup and Replication', 'type': 'app'},
'check_algorithm': 'default',
'constraints': [
{'min_version':'13.0', 'fixed_version':'13.0.1.2067'}
]
}
]
};
var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
23 Apr 2026 00:00Current
7.8High risk
Vulners AI Score7.8
CVSS 3.16.5 - 9.9
EPSS0.01518
SSVC