CVE-2026-44963
In short
An authenticated domain user can execute arbitrary code remotely on the Backup Server, compromising the entire backup infrastructure. This is critical because backups are often the last line of defense against data loss and ransomware attacks.
Technical detail
CWE-502 (Deserialization of Untrusted Data) enables RCE when an authenticated domain user sends malicious serialized objects to the Backup Server. The attack requires prior authentication and network access to the service; successful exploitation grants arbitrary code execution with server privileges, potentially affecting the data confidentiality, integrity, and availability of all backed-up systems.
Summary generated and translated by AI from the official description.
A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Veeam · Backup and Replication
Public PoCs found — 2
github.com/SentinelXofficial/CVE-2026-44963 ★ 3
github.com/HORKimhab/CVE-2026-44963 ★ 0
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://www.veeam.com/kb4869