
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution.

The vulnerabilities are as follows –

  • CVE-2026-21666 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21667 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21668 (CVSS score: 8.8) – A vulnerability that allows an authenticated domain user to bypass restrictions and manipulate arbitrary data on a Backup Repository.
  • CVE-2026-21672 (CVSS score: 8.8) – A vulnerability that allows local privilege escalation on Windows-based Veeam Backup & Replication servers.
  • CVE-2026-21708 (CVSS score: 9.9) – A vulnerability that allows a Backup Viewer to perform remote code execution as the postgres user.

The shortcomings, which affect Veeam Backup & Replication 12.3.2.4165 and all earlier version 12 builds, have been addressed in version 12.3.2.4465. CVE-2026-21672 and CVE-2026-21708 have also been fixed in Backup & Replication 13.0.1.2067, along with two more critical security flaws –

  • CVE-2026-21669 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21671 (CVSS score: 9.1) – A vulnerability that allows an authenticated user with the Backup Administrator role to perform remote code execution in high availability (HA) deployments of Veeam Backup & Replication.

“It's important to note that once a vulnerability and its associated patch are disclosed, attackers will likely attempt to reverse-engineer the patch to exploit unpatched deployments of Veeam software,” the company said in its advisory.

With vulnerabilities in Veeam software having been repeatedly exploited by threat actors to carry out ransomware attacks in the past, it's essential that users update their instances to the latest version to safeguard against any potential threat.
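As an added example (not from Veeam or the original article), the following sketch triages an inventory of reported build numbers against the fixed builds named above. It assumes any version 12 or 13 build below its branch's fixed build still needs the update; the hostnames and inventory builds are constructed for illustration.

```python
import re

# Fixed build per major branch and the CVEs it addresses (from the article).
FIXED = {
    12: ((12, 3, 2, 4465), ["CVE-2026-21666", "CVE-2026-21667",
                            "CVE-2026-21668", "CVE-2026-21672",
                            "CVE-2026-21708"]),
    13: ((13, 0, 1, 2067), ["CVE-2026-21669", "CVE-2026-21671",
                            "CVE-2026-21672", "CVE-2026-21708"]),
}
BUILD_RE = re.compile(r"^\d+(\.\d+){3}$")


def parse_build(text):
    """Turn '12.3.2.4165' into (12, 3, 2, 4165); return None if malformed."""
    text = text.strip()
    if not BUILD_RE.match(text):
        return None
    return tuple(int(part) for part in text.split("."))


def triage(build_text):
    """Return (status, outstanding_cves) for one reported build string."""
    build = parse_build(build_text)
    if build is None:
        return ("unparseable", [])
    entry = FIXED.get(build[0])
    if entry is None:
        # Branch not covered by the article: flag for manual review.
        return ("unknown-branch", [])
    fixed_build, cves = entry
    # Assumption: every build below the branch's fixed build is affected.
    # Tuples compare numerically per component; comparing the raw strings
    # would wrongly rank '12.3.2.999' above '12.3.2.4465'.
    if build < fixed_build:
        return ("update-required", list(cves))
    return ("patched", [])


def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(build) for host, build in inventory.items()}


# Constructed inventory: hypothetical hosts and sample build strings.
INVENTORY = {"vbr-01": "12.3.2.4165", "vbr-02": "12.3.2.4465",
             "vbr-03": "13.0.0.100", "vbr-04": "12.3.2"}

if __name__ == "__main__":
    for host, (status, cves) in report(INVENTORY).items():
        print(f"{host}: {status} {' '.join(cves)}")
```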
