Local Privilege Escalation in Acronis True Image for macOS
CVE-2025-7779
8.8 HIGH
Key Information:
- Vendor: Acronis
- CVE Published: 30 September 2025
What is CVE-2025-7779?
Acronis True Image for macOS is susceptible to local privilege escalation caused by an insecure XPC service configuration. The vulnerability affects Acronis True Image before build 42389, the SanDisk variant before build 42198, and the Western Digital variant before build 42197. Exploitation could allow a malicious actor to elevate their privileges on an affected system, potentially compromising sensitive user data and system integrity.
Affected Version(s)
Acronis True Image for SanDisk macOS < 42198
Acronis True Image for Western Digital macOS < 42197
Acronis True Image macOS < 42389
CVSS V3.0
- Score: 8.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
@nullevent (https://hackerone.com/nullevent)
Carlos Garrido (https://pentraze.com/vulnerability-reports)
Pentraze Cyber Security (https://pentraze.com/vulnerability-reports)