Description
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
Published: 2026-04-02
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

Acronis True Image for Windows contains a flaw that allows a local attacker to gain elevated privileges by hijacking a library file. The issue is classified as an uncontrolled search path element (CWE-427). When the application loads a DLL from a directory that the attacker can write to, the attacker's code runs with the application's privileges, potentially granting system-level access.

Affected Systems

All Windows builds of Acronis True Image before build 42902 are affected. Installations that have not been updated to that build or a later one remain vulnerable.

Risk and Exploitability

The CVSS score of 6.7 places the issue in the Medium severity band. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, indicating no known public exploits. The likely attack vector is that an attacker must be able to place a malicious DLL in a directory that True Image searches when loading libraries, which requires local access or the ability to run the application with elevated permissions. Once the DLL is loaded, the attacker can execute arbitrary code with the privileges of the process, posing a significant risk to the affected systems.

Generated by OpenCVE AI on April 2, 2026 at 21:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Acronis True Image update (build 42902 or later)

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | Local Privilege Escalation via DLL Hijacking in Acronis True Image |
| First Time appeared | | Acronis; Acronis true Image |
| Vendors & Products | | Acronis; Acronis true Image |

Thu, 02 Apr 2026 20:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902. |
| Weaknesses | | CWE-427 |
| References | | |
| Metrics | | cvssV3_0: {'score': 6.7, 'vector': 'CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}; ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


MITRE

Status: PUBLISHED

Assigner: Acronis

Published:

Updated: 2026-04-03T03:55:47.929Z

Reserved: 2026-04-01T00:44:58.734Z

Link: CVE-2026-27774

Vulnrichment

Updated: 2026-04-02T17:46:33.413Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T18:16:26.930

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-27774

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:18:17Z

Weaknesses