{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-7779", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "state": "PUBLISHED", "assignerShortName": "Acronis", "dateReserved": "2025-07-17T22:39:45.615Z", "datePublished": "2025-09-30T14:52:46.494Z", "dateUpdated": "2026-04-10T13:17:25.600Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-04-10T13:17:25.600Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-269", "description": "CWE-269", "type": "CWE"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis True Image", "platforms": ["macOS"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "42389", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image for SanDisk", "platforms": ["macOS"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "42198", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image for Western Digital", "platforms": ["macOS"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "42197", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image OEM", "platforms": ["macOS"], "versions": [{"version": "unspecified", "status": "affected", "lessThan": "42571", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571."}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8193", "name": "SEC-8193", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "@nullevent (https://hackerone.com/nullevent)", "type": "finder"}, {"lang": "en", "value": "Carlos Garrido (https://pentraze.com/vulnerability-reports)", "type": "finder"}, {"lang": "en", "value": "Pentraze Cyber Security (https://pentraze.com/vulnerability-reports)", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7779", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-01T03:55:58.283462Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T17:47:47.347Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7779", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-01T03:55:58.283462Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-30T15:34:10.239Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "@nullevent (https://hackerone.com/nullevent)"}, {"lang": "en", "type": "finder", "value": "Carlos Garrido (https://pentraze.com/vulnerability-reports)"}, {"lang": "en", "type": "finder", "value": "Pentraze Cyber Security (https://pentraze.com/vulnerability-reports)"}], "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Acronis", "product": "Acronis True Image", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "42389", "versionType": "semver"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image for SanDisk", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "42198", "versionType": "semver"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image for Western Digital", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "42197", "versionType": "semver"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}, {"vendor": "Acronis", "product": "Acronis True Image OEM", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "42571", "versionType": "semver"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}], "references": [{"url": "https://security-advisory.acronis.com/advisories/SEC-8193", "name": "SEC-8193", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269"}]}], "providerMetadata": {"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis", "dateUpdated": "2026-04-10T13:17:25.600Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7779", "state": "PUBLISHED", "dateUpdated": "2026-04-10T13:17:25.600Z", "dateReserved": "2025-07-17T22:39:45.615Z", "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "datePublished": "2025-09-30T14:52:46.494Z", "assignerShortName": "Acronis"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for Western Digital (macOS) before build 42197, Acronis True Image OEM (macOS) before build 42571."}, {"lang": "es", "value": "Escalada de privilegios local debido a una configuraci\u00f3n insegura del servicio XPC. Los siguientes productos est\u00e1n afectados: Acronis True Image (macOS) anterior a la compilaci\u00f3n 42389, Acronis True Image para SanDisk (macOS) anterior a la compilaci\u00f3n 42198, Acronis True Image para Western Digital (macOS) anterior a la compilaci\u00f3n 42197."}], "id": "CVE-2025-7779", "lastModified": "2026-04-10T14:16:25.607", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "security@acronis.com", "type": "Secondary"}]}, "published": "2025-09-30T15:15:59.247", "references": [{"source": "security@acronis.com", "url": "https://security-advisory.acronis.com/advisories/SEC-8193"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@acronis.com", "type": "Secondary"}]}

{}

{"created": "2025-10-02T08:46:23.321543+00:00", "updated": "2025-10-02T08:46:23.321619+00:00", "vendors": ["acronis", "acronis$PRODUCT$true_image", "acronis$PRODUCT$true_image_agent", "apple", "apple$PRODUCT$macos"]}