{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-7779","assignerOrgId":"73dc0fef-1c66-4a72-9d2d-0a0f4012c175","state":"PUBLISHED","assignerShortName":"Acronis","dateReserved":"2025-07-17T22:39:45.615Z","datePublished":"2025-09-30T14:52:46.494Z","dateUpdated":"2026-04-10T13:17:25.600Z"},"containers":{"cna":{"providerMetadata":{"orgId":"73dc0fef-1c66-4a72-9d2d-0a0f4012c175","shortName":"Acronis","dateUpdated":"2026-04-10T13:17:25.600Z"},"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-269","description":"CWE-269","type":"CWE"}]}],"affected":[{"vendor":"Acronis","product":"Acronis True Image","platforms":["macOS"],"versions":[{"version":"unspecified","status":"affected","lessThan":"42389","versionType":"semver"}],"defaultStatus":"unaffected"},{"vendor":"Acronis","product":"Acronis True Image for SanDisk","platforms":["macOS"],"versions":[{"version":"unspecified","status":"affected","lessThan":"42198","versionType":"semver"}],"defaultStatus":"unaffected"},{"vendor":"Acronis","product":"Acronis True Image for Western Digital","platforms":["macOS"],"versions":[{"version":"unspecified","status":"affected","lessThan":"42197","versionType":"semver"}],"defaultStatus":"unaffected"},{"vendor":"Acronis","product":"Acronis True Image OEM","platforms":["macOS"],"versions":[{"version":"unspecified","status":"affected","lessThan":"42571","versionType":"semver"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571."}],"references":[{"url":"https://security-advisory.acronis.com/advisories/SEC-8193","name":"SEC-8193","tags":["vendor-advisory"]}],"credits":[{"lang":"en","value":"@nullevent (https://hackerone.com/nullevent)","type":"finder"},{"lang":"en","value":"Carlos Garrido (https://pentraze.com/vulnerability-reports)","type":"finder"},{"lang":"en","value":"Pentraze Cyber Security (https://pentraze.com/vulnerability-reports)","type":"finder"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_0":{"version":"3.0","baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}],"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2025-7779","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-10-01T03:55:58.283462Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T17:47:47.347Z"}}]}}