Veeamの「Service Provider Console」および「Backup & Replication」において、3つの脆弱性

Subject: [Security Advisory] Veeam Product Vulnerabilities (CVE-2026-32998 et al.)

Dear IT Administration Team,

This is a notification regarding critical security vulnerabilities identified in Veeam products.

■ Overview
Three vulnerabilities have been disclosed in Veeam's management console and backup solutions. These flaws could allow Remote Code Execution (RCE), arbitrary file writes, and privilege escalation, with one rated as 'Critical'.

■ Affected Scope
- Veeam Service Provider Console 9.x (versions prior to 9.2.0.33215)
- Veeam Backup & Replication 13.x (versions prior to 13.0.1.2067)

■ Mitigation Steps
1. Verify the current version of Veeam products deployed in the environment.
2. If an affected version is in use, immediately apply the latest security updates provided by the vendor.

■ Reference
- Veeam Official Security Bulletins

Priority: High
Deadline: Immediate