anonhaven
Ad

CVE-2026-33092

HIGH CVSS 3.0: 7.8 EPSS 0.01%
Updated Apr 10, 2026
Acronis
Parameter Value
CVSS 7.8 (HIGH)
Type CWE-15 (External Control of System Setting)
Vendor Acronis
Public PoC No

Local privilege escalation due to improper handling of environment variables. The following products are affected: Acronis True Image OEM (macOS) before build 42571, Acronis True Image (macOS) before build 42902.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.0

Weakness Type (CWE)

CWE-15 External Control of System Setting

References 1

https://security-advisory.acronis.com/advisories/SEC-9407
security@acronis.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-33271

Acronis

6.7

CVE-2026-28728

Acronis

6.7

CVE-2026-27774

Acronis

6.7

CVE-2026-28727

Acronis

7.8

CVE-2026-28722

Acronis

7.3