CVE-2026-27774

MEDIUM

Acronis True Image < 42902 - Local Privilege Escalation via DLL Hijacking

Title source: llm
STIX 2.1

Description

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory
SEC-10057
https://security-advisory.acronis.com/advisories/SEC-10057

Scores

CVSS v3 6.7
EPSS 0.0002
EPSS Percentile 4.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-427
Status published
Products (2)
Acronis/Acronis True Image unspecified - 42902
acronis/true_image < 2026
Published Apr 02, 2026
Tracked Since Apr 02, 2026