PT-2025-22510 · Msp360 · Msp360 Backup
Published
2025-05-15
·
Updated
2025-05-22
·
CVE-2025-43596
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MSP360 Backup version 8.0
Description
An insecure file system permissions issue allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target.
Recommendations
Upgrade to MSP360 Backup 8.1.1.19 to resolve the issue.
Fix
LPE
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Msp360 Backup