Critical Vulnerability Details
Veeam has released an urgent security update for its Backup & Replication software to address a critical remote code execution vulnerability. Tracked as CVE-2026-44963, the flaw carries a CVSS score of 9.4, reflecting its severity. It allows an authenticated domain user to execute arbitrary code on the backup server remotely, so any account holding ordinary domain credentials could potentially compromise the integrity of the entire backup infrastructure.
The issue was discovered and responsibly reported by researcher Sina Kheirkhah from watchTowr. It affects all versions of Veeam Backup & Replication from 12.0 up to and including version 12.3.2.4465. Notably, version 13.x builds are not impacted due to fundamental architectural changes introduced in that release.
Patch and Mitigation
Veeam has resolved the vulnerability with the release of version 12.3.2.4854. The company strongly urges all users of affected versions to apply the update immediately. This recommendation comes with heightened urgency given that previous vulnerabilities in this same software have been actively exploited by ransomware groups and other malicious actors in the wild. The company had addressed multiple critical RCE flaws in the same product just a few months earlier in March 2026, highlighting the importance of keeping backup software current as a key security practice.
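To turn the version ranges above into a repeatable check across a fleet, here is an added example (not code from the advisory or from Veeam) that classifies a Backup & Replication build string against the affected range, the fixed build and the unaffected 13.x branch; the hostnames and the inventory at the bottom are constructed, and the build strings are assumed to be obtained by whatever means your inventory already uses.

```python
# Added example, not code from the advisory or from Veeam. It classifies a
# Veeam Backup & Replication build string against the ranges the advisory
# states for CVE-2026-44963; the host list at the bottom is constructed.
from typing import Dict, List, Tuple

AFFECTED_MIN = (12, 0, 0, 0)      # advisory: affected from 12.0 ...
AFFECTED_MAX = (12, 3, 2, 4465)   # ... up to and including 12.3.2.4465
FIXED_BUILD = (12, 3, 2, 4854)    # advisory: fixed in 12.3.2.4854

def parse_build(version: str) -> Tuple[int, ...]:
    """Turn '12.3.2.4465' (or a shorter '12.0') into a 4-tuple of ints.
    Missing trailing components count as 0; non-numeric input or more than
    four components is rejected rather than guessed at."""
    parts = version.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric build string: {version!r}")
    return tuple([int(p) for p in parts] + [0] * (4 - len(parts)))

def is_affected(version: str) -> bool:
    """True when the build lies in the advisory's affected range. Tuples
    compare lexicographically, so 13.x sorts above AFFECTED_MAX and is
    reported as not affected, matching the advisory."""
    return AFFECTED_MIN <= parse_build(version) <= AFFECTED_MAX

def assess(version: str) -> str:
    """One-line verdict for a single host's build."""
    build = parse_build(version)
    if is_affected(version):
        return "vulnerable: update to 12.3.2.4854"
    if build[0] == 12 and build < FIXED_BUILD:
        # Above the last listed affected build but below the fix; the
        # advisory does not cover these, so do not assume they are safe.
        return "outside listed range but below the fix: confirm with Veeam"
    return "not affected"

def triage(inventory: List[Tuple[str, str]]) -> Dict[str, str]:
    """Map hostname -> verdict for (hostname, version) pairs."""
    return {host: assess(ver) for host, ver in inventory}

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and builds are illustrative.
    sample = [("vbr-01", "12.3.2.4465"), ("vbr-02", "12.1.0.0"),
              ("vbr-03", "12.3.2.4854"), ("vbr-04", "13.0")]
    for host, verdict in triage(sample).items():
        print(f"{host:8} {verdict}")
```

Builds that sit between 12.3.2.4465 and 12.3.2.4854 are deliberately flagged for manual confirmation rather than marked safe, because the advisory says nothing about them.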
Source: The Hacker News
