Description
A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
Published: 2026-03-12
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

The vulnerability allows an attacker with local access to elevate privileges on a Windows-based Veeam Backup & Replication server, potentially granting administrative authority over the system and unauthorized manipulation of backup data. This weakness can compromise the confidentiality, integrity, and availability of the backed‑up data. The weakness is a form of improper access control, as classified by CWE‑284.

Affected Systems

Veeam Backup & Replication engines running on Windows servers are affected. No specific product versions are listed in the CNA data, so all installations of Veeam Backup & Replication in Windows environments should be considered at risk.

Risk and Exploitability

The CVSS score of 8.8 places the flaw in the high‑severity range, indicating significant impact if exploited. The EPSS score of less than 1% suggests that exploitation is unlikely to be common in the wild, and the issue is not listed in CISA’s KEV catalogue. The likely attack vector is local: an attacker must already have some form of local access or be able to run code on the affected machine. While the probability of exploitation is low, the potential consequences warrant prompt attention and patching.

Generated by OpenCVE AI on March 27, 2026 at 11:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Veeam support site for a security patch or update for Backup & Replication using the provided KB links.
  • If a patch is not yet available, limit local user privileges to essential accounts and disable unnecessary services to reduce the attack surface.
  • Monitor system logs for signs of privilege escalation or anomalous activity.
  • Verify that all instances of Veeam Backup & Replication on Windows servers are running the latest version.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication
Weaknesses CWE-284

Fri, 27 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation on Veeam Backup & Recovery
Weaknesses CWE-264
CWE-285

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation on Veeam Backup & Recovery
Weaknesses CWE-264
CWE-285

Thu, 26 Mar 2026 14:00:00 +0000

Type Values Removed Values Added
Title Veeam Backup & Replication Windows Local Privilege Escalation Vulnerability
Weaknesses CWE-284
CWE-732

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Veeam Backup & Replication Windows Local Privilege Escalation Vulnerability
Weaknesses CWE-284
CWE-732

Wed, 25 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation in Windows Veeam Backup & Replication
Weaknesses CWE-332
CWE-862

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation in Windows Veeam Backup & Replication
Weaknesses CWE-332
CWE-862

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Local privilege escalation on Veeam Backup & Replication servers
Weaknesses CWE-269
CWE-284

Mon, 23 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
Title Local privilege escalation on Veeam Backup & Replication servers
Weaknesses CWE-269
CWE-284

Mon, 23 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication on Windows
Weaknesses CWE-269
CWE-280

Fri, 20 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Vulnerability in Veeam Backup & Replication on Windows
Weaknesses CWE-269
CWE-280

Fri, 13 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Veeam
Veeam backup And Recovery
Vendors & Products Veeam
Veeam backup And Recovery

Thu, 12 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Mar 2026 17:00:00 +0000

Type Values Removed Values Added
Description A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2026-03-13T03:55:47.412Z

Reserved: 2026-01-02T15:00:02.872Z

Link: CVE-2026-21672

Vulnrichment

Updated: 2026-03-12T17:27:35.885Z

NVD

Status: Awaiting Analysis

Published: 2026-03-12T17:16:35.633

Modified: 2026-03-12T21:07:53.427

Link: CVE-2026-21672

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T20:27:17Z

Weaknesses