Tag

Veeam

3 briefs RSS

Multiple Critical Vulnerabilities in Veeam Backup & Replication Allow Remote Code Execution

Multiple critical vulnerabilities in Veeam Backup & Replication, including CVE-2026-21666, CVE-2026-21668, CVE-2026-21669, CVE-2026-21670, CVE-2026-21671, CVE-2026-21672, and CVE-2026-21708, allow for remote code execution, privilege escalation, and arbitrary file manipulation by authenticated users, potentially leading to a complete compromise of the backup infrastructure.

veeam rce vulnerability privilege-escalation

2r 3t Mar 14, 2026

medium advisory

Potential Veeam Credential Access via SQL Commands

2 rules 5 TTPs

Attackers can leverage sqlcmd.exe or PowerShell commands like Invoke-Sqlcmd to access Veeam credentials stored in MSSQL databases, potentially targeting backups for destructive operations such as ransomware attacks.

Microsoft Defender XDR +1 veeam credential-access mssql windows ransomware

2r 5t Jul 3, 2024

medium advisory

Veeam Backup Library Loaded by Unusual Process

2 rules 3 TTPs

Detects potential credential decryption operations by PowerShell or unsigned processes using the Veeam.Backup.Common.dll library, indicating potential credential access attempts to target backups as part of destructive operations.

Veeam Backup credential-access veeam powershell

2r 3t May 3, 2024