Question in regards to the new CVE's. Three RCE security flaws patched today (tracked as CVE-2026-21666, CVE-2026-21667, and CVE-2026-21669) allow low-privileged domain users to execute remote code on vulnerable backup servers in low-complexity attacks.
According to article this also affects V12 - this was patched in 12.3.2.4465. 12.3.2.4465 was released back in October.
V13 was just patched in 13.0.1.2067 which was released yesterday - March 12.
If V12 was patched last year.....why was V13 not addressed at same time?
-
bschmidt
- Influencer
- Posts: 12
- Liked: 2 times
- Joined: Sep 24, 2020 6:43 pm
- Full Name: B
- Contact:
-
irosinsk
- Novice
- Posts: 5
- Liked: 8 times
- Joined: Feb 16, 2026 4:46 pm
- Contact:
Re: New CVE's
According to the date on the KB article, it looks like the 12.3.2.4465 patch came out just this week. Looks like the patch from October was 12.3.2.4165, almost the same build number, but a few hundred earlier.
Best as I can tell, based on the patch filenames and the articles, the v12 and v13 fixes for these CVEs came out at the same time.
Best as I can tell, based on the patch filenames and the articles, the v12 and v13 fixes for these CVEs came out at the same time.
-
bschmidt
- Influencer
- Posts: 12
- Liked: 2 times
- Joined: Sep 24, 2020 6:43 pm
- Full Name: B
- Contact:
Re: New CVE's
Your right. The build numbers were so similar that I missed it. Thanks!
Who is online
Users browsing this forum: Amazon [Bot], Bing [Bot], Google [Bot], Semrush [Bot] and 28 guests