Veeam Veeam Backup & Replication — known CVE vulnerabilities
Every CVE whose affected-product data names Veeam Veeam Backup & Replication, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (42)
CVE-2026-21667 — CVSS 9.9 (critical): A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
CVE-2025-48983 — CVSS 9.9 (critical): A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code execution (RCE) on the Backup…
CVE-2026-21666 — CVSS 9.9 (critical): A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
CVE-2026-21669 — CVSS 9.9 (critical): A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
CVE-2024-29849 — CVSS 9.8 (critical): Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
CVE-2021-35971 — CVSS 9.8 (critical): Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft…
CVE-2026-21671 — CVSS 9.1 (critical): A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high…
CVE-2025-59468 — CVSS 9.0 (critical): This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending a malicious…
CVE-2025-59470 — CVSS 9.0 (critical): This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or…
CVE-2025-23121 — CVSS 8.8 (high): A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user
CVE-2020-15518 — CVSS 8.8 (high): VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows…
CVE-2022-26504 — CVSS 8.8 (high): Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine…
CVE-2026-21668 — CVSS 8.8 (high): A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository.
CVE-2024-40710 — CVSS 8.8 (high): A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and…
CVE-2024-40717 — CVSS 8.8 (high): A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution (RCE) by…
CVE-2024-42452 — CVSS 8.8 (high): A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain…
CVE-2025-48984 — CVSS 8.8 (high): A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVE-2024-42456 — CVSS 8.8 (high): A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates…
CVE-2024-40714 — CVSS 8.3 (high): An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept…
CVE-2024-42455 — CVSS 8.1 (high): A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure…
CVE-2024-42453 — CVSS 8.1 (high): A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual…
CVE-2024-39718 — CVSS 8.1 (high): An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions…
CVE-2024-40713 — CVSS 7.8 (high): A vulnerability that allows a user who has been assigned a low-privileged role within Veeam Backup & Replication to alter Multi-Factor…
CVE-2024-40712 — CVSS 7.8 (high): A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege…
CVE-2025-55125 — CVSS 7.8 (high): This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root by creating a malicious backup…
CVE-2024-40715 — CVSS 7.7 (high): A vulnerability in Veeam Backup & Replication Enterprise Manager has been identified, which allows attackers to perform authentication…
CVE-2024-29851 — CVSS 7.2 (high): Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
CVE-2025-24286 — CVSS 7.2 (high): A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code.
CVE-2024-42451 — CVSS 6.5 (medium): A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by…
CVE-2024-42457 — CVSS 6.5 (medium): A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a…
CVE-2024-45204 — CVSS 4.3 (medium): A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved…