Last updated: July 5, 2026 at 9:01 AM UTC

Veeam backup server flaw lets low-privilege domain users run code

Veeam has patched a critical flaw in Backup and Replication, one of the most widely deployed enterprise backup tools, that lets any authenticated low-privilege domain user run code remotely on the backup server. The bug (CVE-2026-44963, rated 9.4) only affects version 12 installations joined to an Active Directory domain; version 13, which uses a different architecture, is not affected, and workgroup setups are safe. No exploitation has been seen yet, but Veeam warns attackers often move quickly once patches reveal the flaw, and backup servers are a prime ransomware target because compromising them cripples recovery. The fix is build 12.3.2.4854.

Check
Identify Veeam Backup and Replication version 12 servers, determine which are joined to an Active Directory domain, and review the domain-user access granted to the backup console.
Affected
Domain-joined Veeam Backup and Replication 12.3.2.4465 and earlier version 12 builds (CVE-2026-44963). Version 13 and workgroup-only deployments are not affected.
Fix
Upgrade to Veeam Backup and Replication 12.3.2.4854 now. Where patching must wait, isolate backup servers from the domain network and tighten which domain users can reach the console.
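The Check and Affected criteria above can be applied to a server inventory in one pass. The following is an added example, not Veeam's tooling or code from the article; the CSV layout (`host`, `build`, `domain_joined`), the status strings and the sample rows are assumptions made for illustration. Builds that fall between the last listed affected build and the fixed build are flagged for manual verification, since the article does not describe them.

```python
import csv
import io

LAST_AFFECTED = (12, 3, 2, 4465)  # advisory: this and earlier version 12 builds
FIXED = (12, 3, 2, 4854)          # advisory: fixed build

# Constructed sample inventory; hosts and rows are made up for illustration.
SAMPLE_INVENTORY = """host,build,domain_joined
vbr-01,12.3.2.4465,yes
vbr-02,12.3.2.4854,yes
vbr-03,12.3.2.4465,no
vbr-04,13.0.0.100,yes
vbr-05,12.3.2.4500,yes
vbr-06,unknown,yes
"""

def parse_build(text):
    """Return the build as a 4-tuple of ints, or None if it is not a.b.c.d."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(build_text, domain_joined):
    """Map one server to a triage status using only the advisory's criteria."""
    build = parse_build(build_text)
    if build is None:
        return "verify: unreadable build"
    if build[0] != 12:
        return "not affected: not version 12"
    if build >= FIXED:
        return "patched"
    if not domain_joined:
        return "not affected: workgroup"
    if build <= LAST_AFFECTED:
        return "affected: upgrade"
    # The advisory does not list builds between 4465 and the fixed build.
    return "verify: build below fixed build"

def triage(csv_text):
    """Return (host, status) pairs for every row of the inventory CSV."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [(r["host"], classify(r["build"],
             r["domain_joined"].strip().lower() in {"yes", "true", "1"}))
            for r in rows]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```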