Todo Backup CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-50892	1 Easeus	1 Todo Backup	2025-09-11	7.8 High
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive information disclosure, denial of service, or local privilege escalation.
CVE-2023-32221	1 Easeus	1 Todo Backup	2025-01-04	8.8 High
EaseUS Todo Backup version 20220111.390 - An omission during installation may allow a local attacker to perform privilege escalation.

Page 1 of 1.