CVE-2026-33271

MEDIUM

Acronis True Image < 42902 - Local Privilege Escalation via Insecure Folder Permissions

Title source: llm
STIX 2.1

Description

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory
SEC-9108
https://security-advisory.acronis.com/advisories/SEC-9108

Scores

CVSS v3 6.7
EPSS 0.0009
EPSS Percentile 0.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-732
Status published
Products (2)
Acronis/Acronis True Image unspecified - 42902
acronis/true_image < 2026
Published Apr 02, 2026
Tracked Since Apr 02, 2026