Vulnerabilities > Veeam > Veeam Backup Replication > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2025-23120 | Unspecified vulnerability in Veeam Backup & Replication A vulnerability allowing remote code execution (RCE) for domain users. | 8.8 |
| 2023-03-10 | CVE-2023-27532 | Missing Authentication for Critical Function vulnerability in Veeam Backup & Replication Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. | 7.5 |
| 2022-03-17 | CVE-2022-26500 | Path Traversal vulnerability in Veeam Backup & Replication Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. | 8.8 |
| 2022-03-17 | CVE-2022-26504 | Improper Authentication vulnerability in Veeam Backup & Replication Improper authentication in Veeam Backup & Replication 9.5U3, 9.5U4,10.x and 11.x component used for Microsoft System Center Virtual Machine Manager (SCVMM) allows attackers execute arbitrary code via Veeam.Backup.PSManager.exe | 8.8 |
| 2020-07-03 | CVE-2020-15518 | Missing Authorization vulnerability in Veeam products VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests. | 8.8 |