Microsoft
CVE-2026-21672
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
AnalysisAI
Local privilege escalation in Veeam Backup & Replication on Windows enables authenticated users to gain system-level access without user interaction. An attacker with local account credentials can exploit this vulnerability to achieve complete control over the backup infrastructure, including reading, modifying, or deleting backups. No patch is currently available for this high-severity issue affecting backup administrators and organizations relying on Veeam for data protection.
Technical ContextAI
A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
Affected ProductsAI
A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
RemediationAI
Monitor vendor advisories for a patch.
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today