PT-2025-39998 · Acronis · Acronis True Image For Sandisk+2
Carlos Garrido
+1
·
Published
2025-09-30
·
Updated
2025-09-30
·
CVE-2025-7779
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Acronis True Image (macOS) versions prior to build 42389
Acronis True Image for SanDisk (macOS) versions prior to build 42198
Acronis True Image for Western Digital (macOS) versions prior to build 42197
Description
An insecure XPC service configuration can lead to local privilege escalation. XPC (eXtension Programming Interface) is a macOS framework for inter-process communication. An insecure configuration of this service allows an attacker to gain elevated privileges on the system.
Recommendations
Update Acronis True Image (macOS) to build 42389 or later.
Update Acronis True Image for SanDisk (macOS) to build 42198 or later.
Update Acronis True Image for Western Digital (macOS) to build 42197 or later.
Fix
LPE
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis True Image
Acronis True Image For Sandisk
Acronis True Image For Western Digital