CVE-2026-4824 HIGH

CVE-2026-4824: Enter Software Iperius Backup Backup Job Configuration File privileges management

Vendor Enter Software
Product Iperius Backup
Weakness CWE-269
Published March 25, 2026
Last update March 26, 2026
View on NVD All CVEs

CVSS base score

7.3/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is considered to have high complexity. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.7.4 can resolve this issue. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Key dates

02Disclosure timeline

March 25, 2026 CVE published
March 26, 2026 Record updated