CVE-2025-7779 HIGH

CVE-2025-7779

Vendor Acronis

Product Acronis True Image

Weakness CWE-269

Published September 30, 2025

Last update April 10, 2026

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571.

Key dates

02Disclosure timeline

September 30, 2025 CVE published

April 10, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-7779 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2025-7779

CWE CWE-269

CVSS 8.8 / HIGH

Affected versions

Vendor Acronis

Product Acronis True Image

Affected ≥ unspecified and < 42389

Vendor Acronis

Product Acronis True Image for SanDisk

Affected ≥ unspecified and < 42198

Vendor Acronis

Product Acronis True Image for Western Digital

Affected ≥ unspecified and < 42197

Vendor Acronis

Product Acronis True Image OEM

Affected ≥ unspecified and < 42571

CVE-2025-7779

01Description

02Disclosure timeline

03References

04Related CVE