CVE-2026-33092

HIGH

Acronis True Image < 42902 / OEM < 42571 - Local Privilege Escalation via Environment Variable

Title source: llm
STIX 2.1

Description

Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory
SEC-9407
https://security-advisory.acronis.com/advisories/SEC-9407

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 7.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-15
Status published
Products (2)
Acronis/Acronis True Image unspecified - 42902
Acronis/Acronis True Image OEM unspecified - 42571
Published Apr 10, 2026
Tracked Since Apr 10, 2026