CVE-2025-11178

Summary

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for SanDisk (Windows) before build 42679, Acronis True Image OEM (Windows) before build 42575.

Affected Software

VendorProductVersion RangeStatus
AcronisAcronis True Imageunspecified < 42386affected
AcronisAcronis True Image for Western Digitalunspecified < 42636affected
AcronisAcronis True Image for SanDiskunspecified < 42679affected
AcronisAcronis True Image OEMunspecified < 42575affected

Weaknesses

  • CWE-427: CWE-427

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References