The company said the vulnerability was discovered in the Veeam Updater component, allowing threat actors to run man-in-the-middle (MitM) attacks, executing arbitrary codes with root-level permissions.