← back
CVE-2025-11178

CVE-2025-11178

CVSS 7.3 HIGHEPSS 0.2%CWE-427
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
30 Sep 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679, Acronis True Image OEM (Windows) before build 42575.
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Acronis · Acronis True ImageAcronis · Acronis True Image for SanDiskAcronis · Acronis True Image for Western DigitalAcronis · Acronis True Image OEM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security-advisory.acronis.com/advisories/SEC-7078