Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3571 articles · 175809 vulns · 37/41 feeds (7d)
← Back to list
6.7
CVE-2026-21709PATCHED
veeam · backup and replication

CVE-2026-21709: A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Description

A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Affected Products

VendorProductVersions
veeambackup and replication12, 13

References

  • https://www.veeam.com/kb4830
  • https://www.veeam.com/kb4831

Related News (1 articles)

Tier C
VulDB88d ago
CVE-2026-21709 | Veeam Backup and Replication/Software Appliance Windows Driver Signature Enforcement command injection (kb4830)
→ No new info (linked only)
CVSS 3.16.7 MEDIUM
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited❌ No
Patch available
12.3.213.0.1
CWECWE-77
PublishedApr 17, 2026
Last enriched88d agov2
Trending Score0
Source articles1
Independent1
Info Completeness8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

CRITICALPRE-CVE
Critical vulnerability in Veeam Software Appliance Updater Component
Trending: 30
NONECVE-2026-44963EXPKEV
CVE-2026-44963: A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Trending: 1
CRITICALPRE-CVE
Critical vulnerability in Veeam Backup and Replication
Trending: 1
NONECVE-2026-32998EXP
CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.
NONECVE-2026-32997EXP
CVE-2026-32997: A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-base

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Apr 17, 2026
Discovered by ZDM
Apr 17, 2026
Updated: description, severity
Apr 17, 2026
Patch Available
Apr 20, 2026

Version History

v2
Last enriched 88d ago
v2Tier C88d ago

Updated severity to CRITICAL, corrected exploit availability to false, and provided a more detailed description of the vulnerability.

descriptionseverity
via VulDB
v188d ago

Initial creation