Keypoints
- Veeam fixed CVE-2026-44963 in Backup & Replication version 12.3.2.4854.
- The flaw can enable remote code execution on domain-joined backup servers.
- Any authenticated domain user with low privileges could exploit the issue.
- Veeam Backup & Replication version 13.x is not affected.
- Ransomware groups have repeatedly targeted Veeam backup servers and related flaws.