Veeam Backup & Replication - Unauthenticated

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution RCE. id: CVE-2024-40711 info: name: Veeam Backup & Replication - Unauthenticated author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | A deserializati...

Veeam Software Appliance < 13.0.2.29 Arbitrary File Write (CVE-2026-32997)

The version of Veeam Backup and Replication Veeam Software Appliance installed on the remote Linux host is prior to 13.0.2.29. It is, therefore, affected by a vulnerability that allows an authenticated user with the Backup Administrator role to write arbitrary files on the Linux-based Veeam Backu...

Veeam Backup & Replication’s vulnerability handling capabilities

Veeam has identified a vulnerability in Backup & Replication. This vulnerability allows an authenticated domain user to execute remote code on the Backup Server. As a result, an attacker with domain credentials can exploit this vulnerability to gain control over backup operations. This is a...

Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code

Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963 , the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution RCE o...

Veeam Backup and Replication < 12.3.2.4854 (kb4869)

The version of Veeam Backup and Replication installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4869 advisory. - A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...

Veeam Agent for Microsoft Windows < 13.0.2.29 (kb4852)

The version of Veeam Agent for Microsoft Windows installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4852 advisory. - This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

Veeam Backup And Replication 代码问题漏洞

Veeam Backup and Replication is a backup and replication software developed by the American company Veeam. Veeam Backup and Replication has a code vulnerability that stems from allowing authenticated domain users to execute code remotely...

Vulnerability Resolved in Veeam Backup & Replication 12.3.2.4854

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3.2.4854. This vulnerability does not affect any version 13.x build of Veeam Backup & Replication due to architectural changes starting in version 13. Veeam Software Security Commitment Veeam® is committ...

Veeam Service Provider Console < 9.2.1.33875 (kb4856)

The version of Veeam Service Provider Console installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4856 advisory. - This vulnerability in Veeam Service Provider Console allows for remote code execution. CVE-2026-32998 Note...

SCVMM Server Component Upgrade Fails After Upgrading to Veeam Backup & Replication 13

Challenge After upgrading Veeam Backup & Replication to version 13, attempts to upgrade the remote components on a highly available System Center Virtual Machine Manager SCVMM management server using the Veeam Backup & Replication Console fail with the following error: Failed to create persistent...

Failed to install Veeam Analytics Service. Failed to establish connection between the Veeam ONE server and Veeam Analytics service. Operation timed out: 10

Challenge After upgrading Veeam ONE to version 13.0.x, the Veeam Analytics Service installation fails with the following error: Failed to install Veeam Analytics Service. Failed to establish connection between the Veeam ONE server and Veeam Analytics service. Operation timed out: 10. The failure...

Support Statement — Impact of SharePoint Service Prioritization on Veeam Backup Performance

Article Applicability This article is regarding SharePoint Service Prioritization, a paid, consumption-based Microsoft Azure feature billed through the customer's Microsoft Azure subscription. It affects only SharePoint and OneDrive backup performance. Exchange Online uses a different throttling...

CVE-2026-32998

This vulnerability in Veeam Service Provider Console allows for remote code execution...

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

CVE-2026-32997

A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server...

Veeam Backup and Replication < 13.0.2.29 (kb4852)

The version of Veeam Backup and Replication installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4852 advisory. - A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on...

Veeam Service Provider Console < 9.2.1.33875 (kb4853)

The version of Veeam Service Provider Console installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the kb4853 advisory. - This vulnerability in Veeam Service Provider Console allows for remote code execution. CVE-2026-32998 Note...

CVE-2026-32997

A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server...

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

CVE-2026-32998

This vulnerability in Veeam Service Provider Console allows for remote code execution...