Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3572 articles · 175809 vulns · 37/41 feeds (7d)
← Back to list
0.0
CVE-2026-32997EXPLOITED
veeam · veeam backup & replication

CVE-2026-32997: A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-base

Description

A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server.

Affected Products

VendorProductVersions
veeamveeam backup & replication13

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
veeambackup & replicationcert_advisory90%

References

  • https://www.veeam.com/kb4852

Related News (3 articles)

Tier D
Heise Security47d ago
Sicherheitsupdate: Veeam Backup & Replication unter Linux und Windows angreifbar
→ No new info (linked only)
Tier B
BSI Advisories47d ago
[NEU] [mittel] Veeam Backup & Replication: Mehrere Schwachstellen
→ No new info (linked only)
Tier C
VulDB47d ago
CVE-2026-32997 | Veeam Backup and Replication up to 13.0.1 on Linux absolute path traversal (kb4852)
→ No new info (linked only)
CVSS 3.10.0 NONE
CISA KEV❌ No
Actively exploited✅ Yes
CWECWE-36
PublishedMay 28, 2026
Last enriched47d agov3
Trending Score0
Source articles3
Independent3
Info Completeness8/14
Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

CRITICALPRE-CVE
Critical vulnerability in Veeam Software Appliance Updater Component
Trending: 30
NONECVE-2026-44963EXPKEV
CVE-2026-44963: A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user.
Trending: 1
CRITICALPRE-CVE
Critical vulnerability in Veeam Backup and Replication
Trending: 1
NONECVE-2026-32998EXP
CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.
MEDIUMCVE-2026-21709
CVE-2026-21709: A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
May 28, 2026
Discovered by ZDM
May 28, 2026
Updated: description, severity, cvssEstimate, affectedVersions, activelyExploited
May 28, 2026
Updated: affectedVersions
May 28, 2026
Actively Exploited
May 29, 2026

Version History

v3
Last enriched 47d ago
v3Tier D47d ago

Updated severity to HIGH, added affected version 13.0.1.2067, and provided patch version 13.0.2.29.

affectedVersions
via Heise Security
v2Tier C47d ago

Updated description with new technical details, changed severity to HIGH, added affected version 13.0.1, and marked the vulnerability as actively exploited.

descriptionseveritycvssEstimateaffectedVersionsactivelyExploited
via VulDB
v147d ago

Initial creation