Vulnerable Backup Server Allows Unintended Code Execution

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.9

Vulnerable Backup Server Allows Unintended Code Execution

CVE-2026-21667

Summary

Some Backup Server users with a valid login can run unauthorized code on the server, which can lead to data breaches or system crashes. This is a serious security risk because it means an attacker could potentially take control of the server. To protect your system, update the Backup Server software to the latest version or patch as soon as possible.

Original title

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

Original description

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

nvd CVSS3.1 9.9

Vulnerability type

CWE-284 Improper Access Control

https://www.veeam.com/kb4830

Published: 12 Mar 2026 · Updated: 14 Mar 2026 · First seen: 12 Mar 2026