Backup And Replication
Monthly
Remote code execution in Veeam Backup & Replication enables an authenticated domain user to execute arbitrary code on the Backup Server, with a CVSS 4.0 score of 9.4 reflecting high impact across confidentiality, integrity, and availability of both the vulnerable component and downstream systems. The vulnerability is tagged as a deserialization flaw (CWE-502), and while no public exploit had been identified at the time of analysis, the low attack complexity and low privilege requirement (any authenticated domain user) make this a high-priority patching event for any environment running Veeam in a domain-joined configuration.
Arbitrary file write in Veeam Backup & Replication 13 (≤13.0.1) on Linux-based deployments allows an authenticated Backup Administrator to write files anywhere on the server filesystem, enabling code execution and full host compromise. CVSS 4.0 scores this 8.6 (High) because exploitation is network-reachable with high impact across confidentiality, integrity, and availability, although high privileges are required. No public exploit had been identified at the time of analysis.
Bypass of Windows Driver Signature Enforcement in Veeam Backup and Replication 12.x and Software Appliance 13.x allows local administrators to load unsigned kernel drivers, potentially enabling persistent kernel-level compromise. The vulnerability requires high-level administrative privileges and is not known to be actively exploited in the wild; its EPSS score (0.01%) indicates a low-probability exploitation target despite the high CVSS score, since the attack scenario is constrained by strict privilege and configuration requirements.