CVE-2022-26503

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.
References
Link Resource
https://veeam.com Vendor Advisory
https://www.veeam.com/kb4289 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:veeam:veeam:*:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:*:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:2.0:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:2.1:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:2.2:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:3.0.2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

23 Mar 2022, 19:06

Type Values Removed Values Added
CPE cpe:2.3:a:veeam:veeam:2.2:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:2.0:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:2.1:*:*:*:*:*:*:*
cpe:2.3:a:veeam:veeam:3.0.2:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 7.8
References (MISC) https://veeam.com - (MISC) https://veeam.com - Vendor Advisory
References (MISC) https://www.veeam.com/kb4289 - (MISC) https://www.veeam.com/kb4289 - Vendor Advisory
CWE CWE-502

17 Mar 2022, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-17 17:15

Updated : 2024-02-04 22:29


NVD link : CVE-2022-26503

Mitre link : CVE-2022-26503

CVE.ORG link : CVE-2022-26503


JSON object : View

Products Affected

microsoft

  • windows

veeam

  • veeam
CWE
CWE-502

Deserialization of Untrusted Data