CVE-2025-11178

HIGH

Acronis True Image <build 42386 - Privilege Escalation

Title source: llm

Description

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679, Acronis True Image OEM (Windows) before build 42575.

References (1)

[Various Sources] https://security-advisory.acronis.com/advisories/SEC-7078

Scores

CVSS v3 7.3

EPSS 0.0001

EPSS Percentile 0.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-427

Status published

Products (4)

Acronis/Acronis True Image unspecified - 42386

Acronis/Acronis True Image for SanDisk unspecified - 42679

Acronis/Acronis True Image for Western Digital unspecified - 42636

Acronis/Acronis True Image OEM unspecified - 42575

Published Sep 30, 2025

Tracked Since Feb 18, 2026