CVE-2026-32998

This vulnerability in Veeam Service Provider Console allows for remote code execution...

Veeam Service Provider Console < 9.2.1.33875 (kb4853)

The version of Veeam Service Provider Console installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4853 advisory. - This vulnerability in Veeam Service Provider Console allows for remote code execution. CVE-2026-32998 Note...

EUVD-2026-32714

This vulnerability in Veeam Service Provider Console allows for remote code execution...

CVE-2026-32998

This vulnerability in Veeam Service Provider Console allows for remote code execution...

CVE-2026-32998

Veeam Service Provider Console (VSPC) contains a critical remote code execution vulnerability (CVE-2026-32998) that affects versions prior to the fix. The CVE is addressed starting with VSPC 9.2.1.33875, per Veeam KB4853 and KB4788, which state the vulnerability was fixed and list the affected bu...

Veeam Service Provider Console 安全漏洞

Veeam Service Provider Console is a cloud-enabled platform developed by the American company Veeam. There is a security vulnerability in Veeam Service Provider Console, which may lead to remote code execution...

PT-2026-44176

This vulnerability in Veeam Service Provider Console allows for remote code execution...

CVE-2024-45206

A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources...

CVE-2024-29212

Due to an unsafe de-serialization method used by the Veeam Service Provider ConsoleVSPC server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution RCE on the VSPC server machine...

Veeam Service Provider Console < 8.1.0.21999 Multiple Vulnerabilities (kb4679)

The version of Veeam Service Provider Console installed on the remote host is prior to 8.1.0.21999. It is, therefore, affected by multiple vulnerabilities as referenced in the kb4679 advisory. - From the VSPC management agent machine, under the condition that the management agent is authorized on...

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Veeam has released security updates to address a critical flaw impacting Service Provider Console VSPC that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted...

CVE-2024-45206

A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources...

CVE-2024-45206

The CVE-2024-45206 issue affects Veeam Service Provider Console (SPC) up through 8.0.x. It allows an attacker to perform arbitrary HTTP requests to arbitrary hosts in the network and access information about internal resources. Remediation: upgrade to Veeam Service Provider Console 8.1.0.21377 or...

CVE-2024-45206

A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources...

CVE-2024-45206

A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources...

Veeam Service Provider Console 安全漏洞

Veeam Service Provider Console is a cloud-enabled platform from Veeam USA. A security vulnerability exists in the Veeam Service Provider Console that originates from allowing arbitrary HTTP requests to be performed on arbitrary hosts on the network and obtain information about internal resources...

PT-2024-9161 · Veeam · Veeam Service Provider Console

Name of the Vulnerable Software and Affected Versions: Veeam Service Provider Console VSPC versions prior to 8.1.0.21377 Description: The issue is related to access control errors in the Veeam Service Provider Console VSPC backup and restore software for remote and cloud clients. It allows a remo...

Fixed vulnerabilities in several Veeam products.

Veeam has fixed vulnerabilities in several products, including Backup & Replication, ONE, Service Provider Console and Agent. UPDATE: POC code is now available online and CVE-2024-40711 has recently been actively abused to roll out ransomware. A malicious party can exploit the vulnerabilities to...

The vulnerability of the backup and data recovery software for Veeam Service Provider Console (VSPC) clients that are located remotely or in the cloud lies in improper code generation. This allows an attacker to execute arbitrary code.

The vulnerability of the backup and data recovery software for Veeam Service Provider Console VSPC for remote and cloud-based customers is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Console (VSPC) users allows a hacker to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Consoles is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures an...