CVE-2026-21709 PUBLISHED

Assigner: hackerone
Reserved: 04.01.2026 Published: 17.04.2026 Updated: 17.04.2026

A vulnerability allowing a local attacker with administrator privileges to bypass Windows Driver Signature Enforcement.

Product Status

Vendor Veeam
Product Backup and Replication
Versions Default: unaffected
  • affected from 12 to 12.3.2 (excl.)
Vendor Veeam
Product Software Appliance
Versions Default: unaffected
  • affected from 13 to 13.0.1 (excl.)

References

Problem Types

  • CWE-77 Command Injection - Generic CWE