Local Privilege Escalation in Veeam Agent for Microsoft Windows
CVE-2026-32996

7.3HIGH

Key Information:

Vendor: Veeam
Status: Backup And Replication
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-32996?

A vulnerability exists in Veeam Agent for Microsoft Windows that permits local privilege escalation, potentially allowing a low-privileged user to gain elevated administrative privileges on the affected system. This flaw could be exploited to execute arbitrary code or access sensitive information, posing significant risks to system integrity and security.

Affected Version(s)

Backup and Replication 13 <= 13.0.1

References

https://www.veeam.com/kb4852

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
Mar 17, 2026

CVE-2026-32996 Data

JSON