Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code

Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It

The article reports that Veeam patched a critical remote code execution vulnerability (CVE-2026-44963, CVSS 9.4) in its Backup & Replication software that allows any authenticated domain user to execute arbitrary code on domain-joined backup servers.[1][7] This affects version 12 builds prior to 12.3.2.4854, while version 13.x is not impacted due to architectural changes.[1][8] From a CyberSE.AI perspective, compromise of a backup platform that may store AI system snapshots, model binaries, vector databases, or configuration secrets is a significant AI supply-chain and resilience risk: an attacker gaining RCE on the backup server can tamper with AI models, training data backups, or agent configs and then restore these malicious states as "trusted" versions. Organizations should integrate this class of backup RCE into their AI SBOM and supply-chain threat model, enforce rapid patching for infrastructure supporting AI workloads, and apply strong network segmentation, least-privilege domain access, and integrity checks on restored AI-related backups.