Vendor CVEs
Veeam
All CVEs
81 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42448 | | Cri | 0.69 | 9.9 | 0.20 | | Dec 12, 2024 | From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine. |
| CVE-2024-39714 | | Cri | 0.65 | 9.9 | 0.01 | | Sep 7, 2024 | A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server. |
| CVE-2026-21708 | | Cri | 0.64 | 9.9 | 0.01 | | Mar 12, 2026 | A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. |
| CVE-2026-21669 | | Cri | 0.64 | 9.9 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2024-38650 | | Cri | 0.64 | 9.9 | 0.01 | | Sep 7, 2024 | An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server. |
| CVE-2024-1244 | | Cri | 0.62 | — | 0.00 | | Jun 11, 2025 | Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine… |
| CVE-2026-44963 | | Cri | 0.61 | — | 0.02 | | Jun 9, 2026 | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. |
| CVE-2026-32998 | | Cri | 0.61 | — | 0.00 | | May 28, 2026 | This vulnerability in Veeam Service Provider Console allows for remote code execution. |
| CVE-2026-21671 | | Cri | 0.59 | 9.1 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. |
| CVE-2025-23114 | | Cri | 0.59 | 9.0 | 0.01 | | Feb 5, 2025 | A vulnerability in Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate TLS certificate. |
| CVE-2026-21672 | | Hig | 0.57 | 8.8 | 0.00 | | Mar 12, 2026 | A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers. |
| CVE-2026-21668 | | Hig | 0.57 | 8.8 | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. |
| CVE-2026-32997 | | Hig | 0.56 | — | 0.01 | | May 28, 2026 | A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server. |
| CVE-2025-32406 | | Hig | 0.56 | 8.6 | 0.00 | | Apr 8, 2025 | An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response. |
| CVE-2024-39715 | | Hig | 0.56 | 8.5 | 0.01 | | Sep 7, 2024 | A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on VSPC server. |
| CVE-2024-38651 | | Hig | 0.56 | 8.5 | 0.01 | | Sep 7, 2024 | A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server. |
| CVE-2025-22447 | | Hig | 0.51 | 7.8 | 0.00 | | Mar 6, 2025 | Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege. |
| CVE-2024-23774 | | Hig | 0.51 | 7.8 | 0.00 | | Apr 30, 2024 | An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM… |
| CVE-2024-23773 | | Hig | 0.51 | 7.8 | 0.00 | | Apr 30, 2024 | An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges. |
| CVE-2026-21670 | | Hig | 0.50 | 7.7 | 0.00 | | Mar 12, 2026 | A vulnerability allowing a low-privileged user to extract saved SSH credentials. |
| CVE-2026-32996 | | Hig | 0.47 | — | 0.00 | | May 28, 2026 | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation. |
| CVE-2024-42449 | | Hig | 0.46 | 7.1 | 0.05 | | Dec 4, 2024 | From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine. |
| CVE-2023-27532 | | | 0.25 | — | 0.78 | KEV | Mar 10, 2023 | Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. |
| CVE-2022-26501 | | | 0.24 | — | 0.04 | KEV | Mar 17, 2022 | Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). |
| CVE-2024-48248 | | | 0.20 | — | 0.94 | KEV | Mar 4, 2025 | NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials). |
| CVE-2022-26500 | | | 0.20 | — | 0.06 | KEV | Mar 17, 2022 | Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. |
| CVE-2020-10915 | | | 0.10 | — | 0.87 | | Apr 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack… |
| CVE-2020-10914 | | | 0.09 | — | 0.47 | | Apr 22, 2020 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the… |
| CVE-2024-29849 | | | 0.04 | — | 0.17 | | May 22, 2024 | Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. |
| CVE-2019-11569 | | | 0.03 | — | 0.02 | | May 6, 2019 | Veeam ONE Reporter 9.5.0.3201 allows CSRF. |
| CVE-2024-29855 | | | 0.02 | — | 0.22 | | Jun 11, 2024 | Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator |
| CVE-2024-29212 | | | 0.02 | — | 0.02 | | May 13, 2024 | Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine. |
| CVE-2020-15418 | | | 0.02 | — | 0.09 | | Jul 28, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.750_20200415. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSRSReport class. Due to the improper… |
| CVE-2023-38547 | | | 0.01 | — | 0.19 | | Nov 7, 2023 | A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database. |
| CVE-2026-21666 | | | 0.00 | — | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2026-21667 | | | 0.00 | — | 0.01 | | Mar 12, 2026 | A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. |
| CVE-2025-48983 | | | 0.00 | — | 0.01 | | Oct 30, 2025 | A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup infrastructure hosts by an authenticated domain user. |
| CVE-2025-48982 | | | 0.00 | — | 0.00 | | Oct 30, 2025 | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file. |
| CVE-2025-48984 | | | 0.00 | — | 0.01 | | Oct 30, 2025 | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user. |
| CVE-2025-23082 | | | 0.00 | — | 0.00 | | Jan 14, 2025 | Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. |
| CVE-2024-45204 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial… |
| CVE-2024-42451 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side.… |
| CVE-2024-42453 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially… |
| CVE-2024-45207 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it… |
| CVE-2024-42457 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and… |
| CVE-2024-42452 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges.… |
| CVE-2024-45206 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbitrary HTTP requests to arbitrary hosts of the network and get information about internal resources. |
| CVE-2024-40717 | | | 0.00 | — | 0.01 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed… |
| CVE-2024-42456 | | | 0.00 | — | 0.00 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result… |
| CVE-2024-42455 | | | 0.00 | — | 0.14 | | Dec 4, 2024 | A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service… |
Page 1 of 2