CRITICAL🇵🇱 Wersja polska

CVE-2026-21666

CVSS 9.9v3.1pub. 2026-03-12upd. 2026-03-31

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-284 (Improper Access Control) indicates improper access control that allows an attacker — possessing only credentials of a regular domain user — to execute arbitrary code on the Backup Server. The attack is possible remotely over the network without requiring user interaction or administrative privileges. The network vector (AV:N) and lack of complex configuration requirements (AC:L) make the vulnerability easy to exploit.

Impact

An attacker can gain full control over the Backup Server, obtaining confidentiality, integrity, and availability of stored data (rating C:H/I:H/A:H), which in practice means the ability to delete or modify backups, as well as perform further lateral movement in the organization's network.

Mitigation & patch

Apply patches available from the vendor according to the references: https://www.veeam.com/kb4830. Additionally, until the fix is implemented, it is recommended to restrict network access to the Backup Server only to trusted hosts and monitor unauthorized authentication attempts.

Who is affected

Veeam Backup & Replication — versions indicated in the vendor references (https://www.veeam.com/kb4830)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Veeam Backup \& Replication

    APP
    Veeam
    12.0.0.1402 – 12.3.2.4465 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-40711CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Krytyczne RCE przez deserialization w Veeam Backup & Replication

CVE-2022-26501CRITICAL9.8⚠ KEVten sam produkt

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2).

CVE-2026-21669CRITICAL9.9PL ✓ten sam produkt

RCE w Veeam Backup & Replication dla uwierzytelnionych użytkowników domenowych

CVE-2026-21667CRITICAL9.9PL ✓ten sam produkt

RCE w Veeam Backup & Replication dla uwierzytelnionego użytkownika domenowego

CVE-2026-21671CRITICAL9.1PL ✓ten sam produkt

RCE dla administratora kopii zapasowych w Veeam Backup & Replication (HA)