Local Privilege Escalation in Acronis True Image on macOS
CVE-2026-33092

7.8 HIGH

Key Information:

Vendor: Acronis

CVE Published: 10 April 2026

What is CVE-2026-33092?

A vulnerability in Acronis True Image for macOS allows local privilege escalation due to improper handling of environment variables. The flaw affects versions of Acronis True Image OEM before build 42571 and Acronis True Image before build 42902, potentially enabling unauthorized users to elevate their privileges within the operating system.

Affected Version(s)

Acronis True Image macOS < 42902

Acronis True Image OEM macOS < 42571

CVSS V3.0

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

@aiqitut (https://hackerone.com/aiqitut)