EUVD-2026-21372
GHSA-xr7f-6r6v-cqmm
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.
Analysis
Local privilege escalation in Acronis True Image for macOS enables authenticated low-privileged users to gain elevated system privileges through improper environment variable handling. Affects Acronis True Image OEM (macOS) versions prior to build 42571 and Acronis True Image (macOS) prior to build 42902. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all macOS systems running Acronis True Image OEM (versions prior to build 42571) or Acronis True Image (versions prior to build 42902) using endpoint detection tools; restrict local system access for non-administrator users on affected machines. Within 7 days: Implement application-level access controls limiting True Image execution to authorized administrators only; document business-critical systems requiring this software. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today