—

CVE-2026-32998EXPLOITED

veeam · service provider console

CVE-2026-32998: This vulnerability in Veeam Service Provider Console allows for remote code execution.

Description

This vulnerability in Veeam Service Provider Console allows for remote code execution.

Affected Products

Vendor	Product	Versions
veeam	service provider console	9

References

https://www.veeam.com/kb4853

Related News (2 articles)

Tier C

VulDB12h ago

CVE-2026-32998 | Veeam Service Provider Console up to 9.2 parameters (kb4853)

→ No new info (linked only)

Tier B

CERT-FR18h ago

Multiples vulnérabilités dans les produits Veeam (28 mai 2026)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-233

PublishedMay 28, 2026

Last enriched6h agov3

Trending Score62

Source articles2

Independent2

Info Completeness8/14

Missing: cvss, epss, kev, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2026-32997EXP

CVE-2026-32997: A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-base

Trending: 60

NONECVE-2026-32996

CVE-2026-32996: This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.

Trending: 47

PRE-CVE

Multiple vulnerabilities in Veeam Backup and Recovery Orchestrator products

Trending: 20

MEDIUMCVE-2026-21709

CVE-2026-21709: A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

CRITICALCVE-2026-21667

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 28, 2026

Discovered by ZDM

May 28, 2026

Updated: description, severity, affectedVersions, activelyExploited

May 28, 2026

Updated: affectedVersions, severity, exploitAvailable

May 28, 2026

Actively Exploited

May 28, 2026

Exploit Available

May 28, 2026

Version History

Last enriched 6h ago

v3Tier B6h ago

Updated affected versions to include 9.2.1.x and 9.2.1.33875, and changed severity to CRITICAL with exploit now available.

affectedVersionsseverityexploitAvailable

via CERT-FR

v2Tier C12h ago

Updated severity to HIGH, added affected version 9.2, and provided a more detailed description of the vulnerability.

descriptionseverityaffectedVersionsactivelyExploited

via VulDB

v112h ago

Initial creation