Description
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Published: 2026-06-09
Score: 9.4 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in Veeam Backup and Replication allows an authenticated domain user to execute arbitrary code on the Backup Server. The vulnerability permits an attacker to gain full control of the server, leading to compromise of backup data and potentially allowing lateral movement within the environment. The weakness falls under CWE-502, indicating an insecure deserialization issue that can directly lead to remote code execution.

Affected Systems

Veeam Backup and Replication is the affected product. No specific product versions are listed in the available data, so all installations of the Backup Server component are potentially impacted.

Risk and Exploitability

The CVSS score of 9.4 categorizes this as Critical, indicating a severe threat. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, suggesting no confirmed active exploitation yet. The likely attack vector requires an authenticated domain user with access to the Backup Server, which limits exposure to users with domain credentials but still poses a high risk due to the ability to fully compromise the server.

Generated by OpenCVE AI on June 10, 2026 at 00:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch released by Veeam that contains the fix for this RCE flaw. Refer to the official Veeam knowledge base article at https://www.veeam.com/kb4869 for the update details
  • Restrict domain user privileges by ensuring only necessary users have access to the Backup Server, and enforce least‑privilege principles
  • Enable logging and monitor Backup Server activity for unusual authentication or command‑execution patterns



Advisories

No advisories yet.

References
History

Wed, 10 Jun 2026 02:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Veeam; Veeam backup And Replication
Vendors & Products | | Veeam; Veeam backup And Replication

Tue, 09 Jun 2026 23:00:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Weaknesses | | CWE-502
References | |
Metrics | | cvssV4_0: {'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2026-06-09T22:27:01.735Z

Reserved: 2026-05-08T15:00:02.447Z

Link: CVE-2026-44963

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-09T23:16:52.617

Modified: 2026-06-09T23:16:52.617

Link: CVE-2026-44963

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T02:30:05Z

Weaknesses