Veeam Backup & Replication

41 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-21671
>= 13.0.0.496 and <= 13.0.1.1071
A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high a
9.1 CRITICAL
CVE-2026-21670
>= 13.0.0.496 and <= 13.0.1.1071
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
7.7 HIGH
CVE-2026-21669
>= 13.0.0.496 and < 13.0.1.2067
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
9.9 CRITICAL
CVE-2026-21668
>= 12.0.0.1402 and < 12.3.2.4465
A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository
8.8 HIGH
CVE-2026-21667
>= 12.0.0.1402 and < 12.3.2.4465
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
9.9 CRITICAL
CVE-2026-21666
>= 12.0.0.1402 and < 12.3.2.4465
A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
9.9 CRITICAL
CVE-2025-59470
>= 13.0.0.4967 and < 13.0.1.1071
This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious int
9.0 CRITICAL
CVE-2025-59469
>= 13.0.0.4967 and < 13.0.1.1071
This vulnerability allows a Backup or Tape Operator to write files as root.
9.0 CRITICAL
CVE-2025-59468
>= 13.0.0.4967 and < 13.0.1.1071
This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicio
9.0 CRITICAL
CVE-2025-55125
>= 13.0.0.4967 and < 13.0.1.1071
This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup
7.8 HIGH
CVE-2025-48984
>= 12.0.0.1402 and < 12.3.2.4165
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
8.8 HIGH
CVE-2025-48983
>= 12.0.0.1402 and < 12.3.2.4165
A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup inf
9.9 CRITICAL
CVE-2025-24286
< 12.3.2.3617
A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary
7.2 HIGH
CVE-2025-23121
< 12.3.2.3617
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
8.8 HIGH
CVE-2025-23120
>= 12.0.0.1402 and < 12.3.1.1139
A vulnerability allowing remote code execution (RCE) for domain users.
8.8 HIGH
CVE-2024-45204
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes
4.3 MEDIUM
CVE-2024-42457
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a
6.5 MEDIUM
CVE-2024-42456
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that
8.8 HIGH
CVE-2024-42455
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure de
8.1 HIGH
CVE-2024-42453
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual i
8.1 HIGH
CVE-2024-42452
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain cr
8.8 HIGH
CVE-2024-42451
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achi
6.5 MEDIUM
CVE-2024-40717
>= 12.0.0.1402 and < 12.3.0.310
A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RC
8.8 HIGH
CVE-2024-40715
< 12.2.0.334
A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentica
7.7 HIGH
CVE-2024-40714
< 12.2.0.334
An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept
8.3 HIGH
CVE-2024-40713
< 12.2.0.334
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Fa
7.8 HIGH
CVE-2024-40712
< 12.2.0.334
A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local pr
7.8 HIGH
CVE-2024-40711
>= 12.0.0.1420 and < 12.2.0.334
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE
9.8 CRITICAL
CVE-2024-40710
< 12.2.0.334
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account an
8.8 HIGH
CVE-2024-39718
>= 12.0.0.1402 and < 12.2.0.334
An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissio
8.1 HIGH
CVE-2024-29852
< 12.1.2.172
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
2.7 LOW
CVE-2024-29851
< 12.1.2.172
Veeam Backup Enterprise Manager allows high-privileged users to steal the NTLM hash of the Enterprise Manager service account.
7.2 HIGH
CVE-2024-29850
< 12.1.2.172
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
8.8 HIGH
CVE-2024-29849
< 12.1.2.172
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to the Enterprise Manager web interface.
9.8 CRITICAL
CVE-2023-27532
< 11.0.1.1261
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obta
7.5 HIGH
CVE-2022-26504
>= 10.0.0.4442 and < 10.0.1.4854
Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x and 11.x component used for Microsoft System Center Virtua
8.8 HIGH
CVE-2022-26501
>= 10.0.0.4442 and < 10.0.1.4854
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).
9.8 CRITICAL
CVE-2022-26500
>= 10.0.0.4442 and < 10.0.1.4854
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4, 10.x, and 11.x allows remote authenticated users acce
8.8 HIGH
CVE-2021-35971
>= 10.0 and < 10.0.1.4854
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during
9.8 CRITICAL
CVE-2020-15518
< 10.0
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allow
8.8 HIGH
CVE-2015-5742
<= 8.0.0.2030
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with wor
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin