{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4822", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-25T13:56:35.058Z", "datePublished": "2026-03-25T20:31:47.588Z", "dateUpdated": "2026-03-25T20:31:47.588Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-25T20:31:47.588Z"}, "title": "Enter Software Iperius Backup Backup Service Local Privilege Escalation", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-378", "lang": "en", "description": "Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-377", "lang": "en", "description": "Insecure Temporary File"}]}], "affected": [{"vendor": "Enter Software", "product": "Iperius Backup", "versions": [{"version": "8.7.0", "status": "affected"}, {"version": "8.7.1", "status": "affected"}, {"version": "8.7.2", "status": "affected"}, {"version": "8.7.3", "status": "affected"}, {"version": "8.7.4", "status": "unaffected"}], "modules": ["Backup Service"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Enter Software Iperius Backup bis 8.7.3. Affected is an unknown function of the file C:\\ProgramData\\IperiusBackup\\Jobs\\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only possible with local access. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit is now public and may be used. Upgrading to version 8.7.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.3, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6, "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-03-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-25T15:01:46.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "0truust (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/?id.353122", "name": "VDB-353122 | Enter Software Iperius Backup Backup Service Local Privilege Escalation", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.353122", "name": "VDB-353122 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.774209", "name": "Submit #774209 | Enter Software Iperius Backup <= 8.7.2 Creation of Temporary File in Directory with Insecure Permission", "tags": ["third-party-advisory"]}, {"url": "https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/arbitrary-file-disclosure.md", "tags": ["exploit"]}, {"url": "https://www.iperiusbackup.com/download-software-backup.aspx", "tags": ["patch"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Enter Software Iperius Backup bis 8.7.3. Affected is an unknown function of the file C:\\ProgramData\\IperiusBackup\\Jobs\\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only possible with local access. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit is now public and may be used. Upgrading to version 8.7.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "id": "CVE-2026-4822", "lastModified": "2026-03-25T21:16:48.377", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-25T21:16:48.377", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/arbitrary-file-disclosure.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.353122"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.353122"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.774209"}, {"source": "cna@vuldb.com", "url": "https://www.iperiusbackup.com/download-software-backup.aspx"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}, {"lang": "en", "value": "CWE-378"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-25T21:24:07.793585+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch for Iperius Backup version 8.7.4", "If upgrade is not possible, disable local write access to the temporary file directory C:\\ProgramData\\IperiusBackup\\Jobs\\ for non\u2011admin accounts", "Verify that any custom backup jobs have correct ACLs and run with minimal privileges"], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "It affects Enter Software Iperius Backup version 8.7.3 on Windows operating systems. The backup service component that processes job files is vulnerable. The vendor has issued a fixed release, 8.7.4, that removes the insecure file handling. Systems that still run 8.7.3 or earlier are susceptible to the described privilege escalation.", "description_and_impact": "The vulnerability allows local users to manipulate the Iperius Backup Backup Service so that it creates a temporary file with insecure permissions. This flaw is triggered in an unknown function of the file located under C:\\ProgramData\\IperiusBackup\\Jobs\\. An attacker who can execute code on the host can abuse the insecure permissions to create files that are later readable or writable by higher\u2011privilege processes, thereby escalating privileges on the system. The flaw is linked to missing validation and improper handling of temporary files, as documented by CWE\u2011377 and CWE\u2011378.", "risk_and_exploitability": "The CVSS base score is 7.3, indicating a high severity for local privilege escalation. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access and a high level of technical skill; the public exploit demonstrates that it is achievable, though the description notes it is difficult. Immediate patching is the only reliable mitigation. Until the patch is deployed, limiting local user write permissions to the Jobs directory can reduce risk."}}}}, "created": "2026-03-25T21:46:07.107019+00:00", "updated": "2026-03-25T21:46:07.107046+00:00", "vendors": []}