Pasquale "sid" Fiorillo found a critical vulnerability in Veeam Backup & Replication version 6, 7 and 8. At the time of writing this impact a very large of updated and outdated/legacy Veeam deployments. The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments.