

Ravie Lakshmanan | Mar 13, 2026 | Vulnerability / Enterprise Security

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution.

The vulnerabilities are as follows –

  • CVE-2026-21666 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21667 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21668 (CVSS score: 8.8) – A vulnerability that allows an authenticated domain user to bypass restrictions and manipulate arbitrary information on a Backup Repository.
  • CVE-2026-21672 (CVSS score: 8.8) – A vulnerability that allows local privilege escalation on Windows-based Veeam Backup & Replication servers.
  • CVE-2026-21708 (CVSS score: 9.9) – A vulnerability that allows a Backup Viewer to perform remote code execution as the postgres user.

The shortcomings, which affect Veeam Backup & Replication 12.3.2.4165 and all earlier version 12 builds, have been addressed in version 12.3.2.4465. CVE-2026-21672 and CVE-2026-21708 have also been fixed in Backup & Replication 13.0.1.2067, along with two more critical security flaws:

  • CVE-2026-21669 (CVSS score: 9.9) – A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server.
  • CVE-2026-21671 (CVSS score: 9.1) – A vulnerability that allows an authenticated user with the Backup Administrator role to perform remote code execution in high availability (HA) deployments of Veeam Backup & Replication.

“It's important to note that once a vulnerability and its associated patch are disclosed, attackers will likely attempt to reverse-engineer the patch to exploit unpatched deployments of Veeam software,” the company said in its advisory.

With vulnerabilities in Veeam software having been repeatedly exploited by threat actors to carry out ransomware attacks in the past, it's essential that users update their instances to the latest version to safeguard against any potential threat.
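To turn the fixed-build numbers above into a patch check, the following added example (not code from Veeam or from the article) triages a list of installed Backup & Replication builds. The hostnames and inventory builds are constructed, and treating every version 13 build below 13.0.1.2067 as unpatched is an assumption, since the article states only the fixed build for that branch.

```python
# Added example: fixed builds and CVE lists are copied from the article text.
FIXED = {
    12: ((12, 3, 2, 4465), ["CVE-2026-21666", "CVE-2026-21667", "CVE-2026-21668",
                            "CVE-2026-21672", "CVE-2026-21708"]),
    # Assumption: any 13.x build below the fixed build still carries these flaws.
    13: ((13, 0, 1, 2067), ["CVE-2026-21672", "CVE-2026-21708",
                            "CVE-2026-21669", "CVE-2026-21671"]),
}

def parse_build(text):
    """Parse 'a.b.c.d' into a tuple of four ints; raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a four-part build number: {text!r}")
    return tuple(int(p) for p in parts)

def assess(build_text):
    """Return (status, open_cves) for one installed build string."""
    try:
        build = parse_build(build_text)
    except ValueError:
        return ("invalid", [])
    entry = FIXED.get(build[0])
    if entry is None:
        # The article only covers the version 12 and 13 branches.
        return ("not-covered", [])
    fixed, cves = entry
    # Tuple comparison orders builds field by field, so 4165 < 4465 as integers.
    return ("patched", []) if build >= fixed else ("unpatched", list(cves))

def triage(inventory):
    """Sort hosts so unpatched servers come first, then anything needing review."""
    order = {"unpatched": 0, "invalid": 1, "not-covered": 2, "patched": 3}
    rows = [(host, build, *assess(build)) for host, build in inventory.items()]
    return sorted(rows, key=lambda r: (order[r[2]], r[0]))

# Constructed inventory for illustration only.
INVENTORY = {
    "vbr-hq": "12.3.2.4165",
    "vbr-dr": "12.3.2.4465",
    "vbr-lab": "13.0.0.100",
    "vbr-old": "11.0.1.1261",
    "vbr-typo": "12.3.2",
}

if __name__ == "__main__":
    for host, build, status, cves in triage(INVENTORY):
        print(f"{host:9} {build:12} {status:12} {', '.join(cves)}")
```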
