Arbitrary Code Execution via Deserialization in Veeam Agent for Windows

CVE-2022-26503 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.

Learn more about our User Device Pen Test.