cvebase

Veeam Backup Replication vulnerabilities

42 known vulnerabilities affecting veeam/veeam_backup_replication.

Total CVEs: 42
CISA KEV: 4 (actively exploited)
Public exploits: 3
Exploited in wild: 5
Severity breakdown: CRITICAL 12, HIGH 22, MEDIUM 6, LOW 2

Vulnerabilities

Page 1 of 3
CVE-2024-40711 | P1 | CRITICAL | CVSS 9.8 | KEV | PoC | Ransomware | ≥ 12.0.0.1420, < 12.2.0.334 | 2024-09-07
CWE-502: A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
Source: NVD
CVE-2023-27532 | P1 | HIGH | CVSS 7.5 | KEV | PoC | Ransomware | fixed in 11.0.1.1261 | v11.0.1.1261 +1 more | 2023-03-10
CWE-306: Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
Source: NVD
CVE-2022-26501 | P1 | CRITICAL | CVSS 9.8 | KEV | PoC | Ransomware | ≥ 10.0.0.4442, < 10.0.1.4854 | ≥ 11.0.0.825, < 11.0.1.1261 | +2 more | 2022-03-17
CWE-306: Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
Source: NVD
CVE-2022-26500 | P1 | HIGH | CVSS 8.8 | KEV | Ransomware | ≥ 10.0.0.4442, < 10.0.1.4854 | ≥ 11.0.0.825, < 11.0.1.1261 | +4 more | 2022-03-17
CWE-22: Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code.
Source: NVD
CVE-2022-26504 | P1 | HIGH | CVSS 8.8 | Exploited | Ransomware | ≥ 10.0.0.4442, < 10.0.1.4854 | ≥ 11.0.0.825, < 11.0.1.1261 | +4 more | 2022-03-17
CWE-287: Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers to execute arbitrary code via Veeam.Backup.PSManager.exe
Source: NVD
CVE-2024-29849 | P2 | CRITICAL | CVSS 9.8 | fixed in 12.1.2.172 | 2024-05-22
CWE-287: Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
Source: NVD
CVE-2025-23120 | P2 | HIGH | CVSS 8.8 | ≥ 12.0.0.1402, < 12.3.1.1139 | 2025-03-20
CWE-502: A vulnerability allowing remote code execution (RCE) for domain users.
Source: NVD
CVE-2025-23121 | P2 | HIGH | CVSS 8.8 | fixed in 12.3.2.3617 | 2025-06-19
CWE-94: A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
Source: NVD
CVE-2026-21708 | P2 | CRITICAL | CVSS 9.9 | ≥ 12.0.0.1402, < 12.3.2.4465 | 2026-03-12
CWE-89: A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.
Source: NVD
CVE-2026-21669 | P2 | CRITICAL | CVSS 9.9 | ≥ 13.0.0.496, < 13.0.1.2067 | 2026-03-12
CWE-94: A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
Source: NVD
CVE-2025-48983 | P2 | CRITICAL | CVSS 9.9 | ≥ 12.0.0.1402, < 12.3.2.4165 | 2025-10-31
CWE-284: A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user.
Source: NVD
CVE-2025-55125 | P2 | CRITICAL | CVSS 9.8 | ≥ 13.0.0.4967, < 13.0.1.1071 | 2026-01-08
CWE-77: This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup configuration file.
Source: NVD
CVE-2024-42455 | P2 | HIGH | CVSS 8.1 | ≥ 12.0.0.1402, < 12.3.0.310 | 2024-12-04
CWE-306: A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist du
Source: NVD
CVE-2025-59470 | P2 | CRITICAL | CVSS 9.0 | ≥ 13.0.0.4967, < 13.0.1.1071 | 2026-01-08
CWE-77: This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.
Source: NVD
CVE-2026-21667 | P2 | HIGH | CVSS 8.8 | ≥ 12.0.0.1402, < 12.3.2.4465 | 2026-03-12
CWE-284: A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
Source: NVD
CVE-2026-21666 | P2 | HIGH | CVSS 8.8 | ≥ 12.0.0.1402, < 12.3.2.4465 | 2026-03-12
CWE-284: A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
Source: NVD
CVE-2025-48984 | P2 | HIGH | CVSS 8.8 | ≥ 12.0.0.1402, < 12.3.2.4165 | 2025-10-31
CWE-94: A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Source: NVD
CVE-2024-40717 | P2 | HIGH | CVSS 8.8 | ≥ 12.0.0.1402, < 12.3.0.310 | 2024-12-04
CWE-306: A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privileges by default. The user can update a job and schedule i
Source: NVD
CVE-2026-21671 | P3 | CRITICAL | CVSS 9.1 | ≥ 13.0.0.496, ≤ 13.0.1.1071 | 2026-03-12
CWE-94: A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
Source: NVD
CVE-2025-59468 | P3 | CRITICAL | CVSS 9.1 | ≥ 13.0.0.4967, < 13.0.1.1071 | 2026-01-08
CWE-77: This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious password parameter.
Source: NVD