CVE-2026-32996
published 2026-05-28CVE-2026-32996: This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
PriorityP335high7.3CVSS 4.0
AVLACLATPPRLUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.15%
4.9th percentile
This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| veeam | backup_and_replication | 13 – 13.0.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Veeam Backup and Replication up to 13.0.1 on Microsoft log file (kb4852 / EUVD-2026-32712)
vuldb·2026-05-29·CVSS 7.3
CVE-2026-32996 [HIGH] Veeam Backup and Replication up to 13.0.1 on Microsoft log file (kb4852 / EUVD-2026-32712)
A vulnerability classified as problematic was found in Veeam Backup and Replication up to 13.0.1 on Microsoft. This impacts an unknown function. Executing a manipulation can lead to sensitive information in log files.
This vulnerability is tracked as CVE-2026-32996. The attack is restricted to local execution. No exploit exists.
GHSA
GHSA-3xr7-767q-qr44: This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation
ghsa_unreviewed·2026-05-28
CVE-2026-32996 [HIGH] CWE-532 GHSA-3xr7-767q-qr44: This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation
This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
No detection rules found.
No public exploits indexed.
2026-05-28
Published