CRITICAL🇵🇱 Wersja polska

CVE-2026-21667

CVSS 9.9v3.1pub. 2026-03-12upd. 2026-03-31

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

🤖 AI Analysis
How it works

The vulnerability results from insufficient access control (CWE-284) in the Backup Server component. An authenticated domain user — without the need to have administrative privileges — can send a specially crafted network request to the server, which leads to arbitrary code execution. The vulnerability operates within changed scope (Scope: Changed), which means the ability to impact resources beyond the directly vulnerable component.

Impact

An attacker can take full control of the backup server, gaining access to stored backup data, credentials, and infrastructure protected by Veeam. As a result, breach of confidentiality, integrity and availability of the system is possible, as well as potential lateral movement in the production environment.

Mitigation & patch

Patches available from the vendor should be applied in accordance with references published at https://www.veeam.com/kb4830. Until the patch is deployed, it is recommended to restrict network access to the Backup Server exclusively to trusted hosts and audit domain accounts that have access to the Veeam environment.

Who is affected

Veeam Backup & Replication — versions indicated in vendor references (https://www.veeam.com/kb4830)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Veeam Backup \& Replication

    APP
    Veeam
    12.0.0.1402 – 12.3.2.4465 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-40711CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Krytyczne RCE przez deserialization w Veeam Backup & Replication

CVE-2022-26501CRITICAL9.8⚠ KEVten sam produkt

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

CVE-2026-21669CRITICAL9.9PL ✓ten sam produkt

RCE w Veeam Backup & Replication dla uwierzytelnionych użytkowników domenowych

CVE-2026-21666CRITICAL9.9PL ✓ten sam produkt

RCE dla uwierzytelnionego użytkownika domenowego w Veeam Backup & Replication

CVE-2026-21671CRITICAL9.1PL ✓ten sam produkt

RCE dla administratora kopii zapasowych w Veeam Backup & Replication (HA)