{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33271", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2026-04-01T00:44:58.761Z", "datePublished": "2026-04-02T17:06:24.089Z", "dateUpdated": "2026-04-03T03:55:49.028Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-04-02T17:06:24.089Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis True Image", "platforms": ["Windows"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "42902", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-9108", "name": "SEC-9108", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "@s3nds3c (https://hackerone.com/s3nds3c)", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}}], "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-02T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-33271"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T03:55:49.028Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33271", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-02T17:46:57.702256Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-02T17:47:01.219Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "@s3nds3c (https://hackerone.com/s3nds3c)"}], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis True Image", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "42902", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-9108", "name": "SEC-9108", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-04-02T17:06:24.089Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33271", "state": "PUBLISHED", "dateUpdated": "2026-04-03T03:55:49.028Z", "dateReserved": "2026-04-01T00:44:58.761Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2026-04-02T17:06:24.089Z", "assignerShortName": "Acronis"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:true_image:*:*:*:*:*:windows:*:*", "matchCriteriaId": "2BB3F5C3-E7BF-458A-BB47-79B01F3DCF6E", "versionEndExcluding": "2026", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902."}], "id": "CVE-2026-33271", "lastModified": "2026-04-20T16:34:11.363", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "security@acronis.com", "type": "Secondary"}]}, "published": "2026-04-02T18:16:27.903", "references": [{"source": "security@acronis.com", "tags": ["Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-9108"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "security@acronis.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,42902)"}}], "enrichment": {"confidence": 82.0, "confidence_source": "matching", "scores": [{"score": 82.0, "source": "matching"}]}, "original": {"product": "Acronis True Image", "source": "cna", "vendor": "Acronis"}, "product": "true_image", "vendor": "acronis"}], "analysis": {"en": {"generated_at": "2026-04-02T21:57:58.922412+00:00", "value": {"mitigation_remediation": ["Apply the latest Acronis True Image update (build 42902 or later).", "If the update is not yet available, restrict permissions on the vulnerable folders to remove access for standard users.", "Verify that folder permissions adhere to least privilege principles.", "Monitor user accounts for unexpected privilege escalation."], "summary": {"action": "Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Affected Windows versions of Acronis True Image built before build 42902. Users running these builds should treat them as vulnerable.", "description_and_impact": "The vulnerability is a local privilege escalation flaw caused by insecure folder permissions in Acronis True Image. A non\u2011privileged user can read, modify, or delete files that should be protected, allowing the attacker to assume administrative rights. This could lead to the installation of malware, data theft, or other malicious actions.", "risk_and_exploitability": "The CVSS base score is 6.7, indicating moderate severity. No EPSS value is available, and the vulnerability is not listed in the CISA KEV catalog. The flaw requires local access and a user account; by increasing local privileges, an attacker can compromise the system. The risk is higher on systems with standard user accounts and insecure permissions."}}}}, "created": "2026-04-03T08:58:13.630298+00:00", "title": "Local Privilege Escalation via Insecure Folder Permissions in Acronis True Image (before build 42902)", "updated": "2026-04-03T09:18:16.483338+00:00", "vendors": ["acronis", "acronis$PRODUCT$true_image"]}