Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Warning TWCERTCC-200-202603-00000015

[Content Description]
Veeam Backup and Replication is the core backup software of Veeam. Veeam recently released a major cybersecurity vulnerability announcement.

【CVE-2026-21666, CVSS: 9.9】Allows an authenticated domain user to remotely execute code on the backup server.

【CVE-2026-21667, CVSS: 9.9】Allows an authenticated domain user to remotely execute code on the backup server.

【CVE-2026-21668, CVSS: 8.8】Allows an authenticated domain user to bypass restrictions and manipulate arbitrary files in the backup repository.

【CVE-2026-21672, CVSS: 8.8】A native privilege escalation vulnerability exists in the Windows-based Veeam Backup and Replication server.

【CVE-2026-21708, CVSS: 9.9】Allows a backup viewer to remotely execute code as a user.

【CVE-2026-21669, CVSS: 9.9】Allows an authenticated domain user to remotely execute code on the backup server.

【CVE-2026-21671, CVSS: 9.1】Allows an authenticated user with the backup administrator role to remotely execute code in a Veeam Backup and Replication high availability (HA) deployment.

[Affected Platforms]
Veeam Backup and Replication versions 12.3.2.4165 and earlier
Veeam Backup and Replication versions 13.0.1.1071 and earlier

[Recommended Actions]
Please update to the following versions: Veeam Backup and Replication 12.3.2.4465, Veeam Backup and Replication 13.0.1.2067

[References]
1. https://www.twcert.org.tw/tw/cp-169-10783-d40f5-1.html