Connect with us

Security

Critical RCE Vulnerability in Veeam Backup & Replication Allows Unauthorized Remote Code Execution by Domain Users

Published

1 hour ago

on

June 10, 2026

By

BTI Team

Veeam Releases Critical Security Patches for Backup & Replication Software

Veeam has recently issued security patches to resolve a critical vulnerability in its Backup & Replication software that could potentially lead to remote code execution.

Identified as CVE-2026-44963, this vulnerability has been assigned a CVSS score of 9.4 out of 10.0, signifying its severe impact.

In a statement released on Tuesday, Veeam acknowledged the presence of “a vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.”

Credit for the discovery and responsible disclosure of this vulnerability goes to watchTowr researcher Sina Kheirkhah. The issue affects Veeam Backup & Replication 12.3.2.4465 and all earlier versions of 12 builds.

It is important to note that version 13.x builds of the Veeam Backup & Replication software are not affected by this vulnerability, thanks to architectural enhancements introduced in version 13.

The identified vulnerability has been successfully addressed in Veeam Backup & Replication version 12.3.2.4854.

Earlier in March 2026, Veeam had also resolved multiple critical vulnerabilities in its Backup & Replication software that, if exploited, could lead to remote code execution.

Users are strongly advised to update to the latest version of the software to ensure optimal security, especially considering the past instances of bad actors exploiting vulnerabilities in the program, including ransomware groups.

See also Defending Against Brute Force: How Dashlane Users Can Safeguard Their Passwords

Related Topics:Backup Code Critical Domain Execution RCE Remote Replication Unauthorized Users Veeam Vulnerability

Critical Sentry Vulnerability Enables Root Code Execution

Continue Reading

Click to comment

Leave a Reply
Cancel reply

Instagram and Facebook are breaking the EU’s illegal content rules

Instagram and Facebook are breaking the EU’s illegal content rules

Facebook8 months ago

EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules

Facebook creators who steal and repost videos could lose monetization

Facebook creators who steal and repost videos could lose monetization

Facebook8 months ago

Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos

Facebook is turning into TikTok

Facebook is turning into TikTok

Facebook6 months ago

Facebook’s New Look: A Blend of Instagram’s Style

Facebook removes ICE-tracking page after US government ‘outreach’

Facebook removes ICE-tracking page after US government ‘outreach’

Facebook8 months ago

Facebook Compliance: ICE-tracking Page Removed After US Government Intervention

Facebook and Instagram will let European users see fewer personal ads

Facebook and Instagram will let European users see fewer personal ads

Facebook6 months ago

Facebook and Instagram to Reduce Personalized Ads for European Users

Meta’s AI translation tool can dub your Instagram videos

Meta’s AI translation tool can dub your Instagram videos

Facebook8 months ago

InstaDub: Meta’s AI Translation Tool for Instagram Videos

Facebook and Instagram add new hub to help get hijacked accounts back

Facebook and Instagram add new hub to help get hijacked accounts back

Facebook6 months ago

Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery

Meta is removing its Messenger apps for Windows and macOS

Meta is removing its Messenger apps for Windows and macOS

Apple8 months ago

Meta discontinues Messenger apps for Windows and macOS