Description
A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
Published: 2026-03-12
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

The vulnerability allows an attacker with local access to elevate privileges on a Windows-based Veeam Backup & Replication server, potentially granting administrative authority over the system and unauthorized manipulation of backup data. This weakness can compromise the confidentiality, integrity, and availability of the backed‑up data. The weakness is a form of information exposure (CWE‑538).

Affected Systems

Veeam Backup & Replication engines running on Windows servers are affected. No specific product versions are listed in the CNA data, so all installations in Windows environments that use Veeam Backup & Replication should be considered at risk.

Risk and Exploitability

The CVSS score is currently not available, so the precise severity rating cannot be determined. The EPSS score of less than 1% suggests that exploitation is unlikely to be common in the wild, and the issue is not listed in CISA’s KEV catalogue. The likely attack vector is local: an attacker must already have some form of local access or be able to run code on the affected machine. While the probability of exploitation is low, the potential consequences warrant prompt attention and patching.

Generated by OpenCVE AI on April 18, 2026 at 19:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑supplied security patch or update for Backup & Replication per the provided KB articles.
  • Restrict local user privileges to the minimum required for backup operations and disable any unused services to reduce the attack surface.
  • Continuously monitor system logs for signs of privilege escalation or anomalous activity.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation in Windows Veeam Backup & Replication

Sat, 18 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication
Weaknesses CWE-284

Fri, 17 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


Fri, 17 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-538

Fri, 27 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication
Weaknesses CWE-284

Fri, 27 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation on Veeam Backup & Recovery
Weaknesses CWE-264
CWE-285

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation on Veeam Backup & Recovery
Weaknesses CWE-264
CWE-285

Thu, 26 Mar 2026 14:00:00 +0000

Type Values Removed Values Added
Title Veeam Backup & Replication Windows Local Privilege Escalation Vulnerability
Weaknesses CWE-284
CWE-732

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Veeam Backup & Replication Windows Local Privilege Escalation Vulnerability
Weaknesses CWE-284
CWE-732

Wed, 25 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation in Windows Veeam Backup & Replication
Weaknesses CWE-332
CWE-862

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation in Windows Veeam Backup & Replication
Weaknesses CWE-332
CWE-862

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Local privilege escalation on Veeam Backup & Replication servers
Weaknesses CWE-269
CWE-284

Mon, 23 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
Title Local privilege escalation on Veeam Backup & Replication servers
Weaknesses CWE-269
CWE-284

Mon, 23 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication on Windows
Weaknesses CWE-269
CWE-280

Fri, 20 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication on Windows
Weaknesses CWE-269
CWE-280

Fri, 13 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Veeam
Veeam backup And Recovery
Vendors & Products Veeam
Veeam backup And Recovery

Thu, 12 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Mar 2026 17:00:00 +0000

Type Values Removed Values Added
Description A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2026-04-17T15:32:11.662Z

Reserved: 2026-01-02T15:00:02.872Z

Link: CVE-2026-21672

Vulnrichment

Updated: 2026-03-12T17:27:35.885Z

NVD

Status: Awaiting Analysis

Published: 2026-03-12T17:16:35.633

Modified: 2026-04-17T16:16:35.783

Link: CVE-2026-21672

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T19:45:08Z
