CVE-2019-25608

HIGH SEVERITY

CVSS Score & Metrics

Base Score

8.4 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure backup jobs to execute malicious batch files or programs before or after backup operations, which run with the privileges of the Iperius Backup Service account (Local System or Administrator), enabling privilege escalation and arbitrary code execution.

Vulnerability Details

Published Date

March 22, 2026

Last Modified

March 23, 2026

CWE ID

CWE-520

Source

NVD

Vendor

Iperius

Product

Iperius Backup

External References

https://www.exploit-db.com/exploits/46863
https://www.iperiusbackup.com/
https://www.iperiusbackup.com/download.aspx
https://www.vulncheck.com/advisories/iperius-backup-privilege-escalation-via-backup-job

CVE-2019-25608

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment