{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4822", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-25T13:56:35.058Z", "datePublished": "2026-03-25T20:31:47.588Z", "dateUpdated": "2026-03-28T01:48:17.741Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-27T22:22:32.719Z"}, "title": "Enter Software Iperius Backup Backup Service temp file", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-378", "lang": "en", "description": "Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-377", "lang": "en", "description": "Insecure Temporary File"}]}], "affected": [{"vendor": "Enter Software", "product": "Iperius Backup", "versions": [{"version": "8.7.0", "status": "affected"}, {"version": "8.7.1", "status": "affected"}, {"version": "8.7.2", "status": "affected"}, {"version": "8.7.3", "status": "affected"}, {"version": "8.7.4", "status": "unaffected"}], "modules": ["Backup Service"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\\ProgramData\\IperiusBackup\\Jobs\\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only possible with local access. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit is now public and may be used. Upgrading to version 8.7.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.3, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6, "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-03-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-25T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-26T00:58:34.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "0truust (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/?id.353122", "name": "VDB-353122 | Enter Software Iperius Backup Backup Service temp file", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.353122", "name": "VDB-353122 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.774209", "name": "Submit #774209 | Enter Software Iperius Backup <= 8.7.2 Creation of Temporary File in Directory with Insecure Permission", "tags": ["third-party-advisory"]}, {"url": "https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/arbitrary-file-disclosure.md", "tags": ["exploit"]}, {"url": "https://www.iperiusbackup.com/download-software-backup.aspx", "tags": ["patch"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-28T01:47:58.282384Z", "id": "CVE-2026-4822", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T01:48:17.741Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4822", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-28T01:47:58.282384Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T01:48:13.923Z"}}], "cna": {"title": "Enter Software Iperius Backup Backup Service temp file", "credits": [{"lang": "en", "type": "reporter", "value": "0truust (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6, "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "Enter Software", "modules": ["Backup Service"], "product": "Iperius Backup", "versions": [{"status": "affected", "version": "8.7.0"}, {"status": "affected", "version": "8.7.1"}, {"status": "affected", "version": "8.7.2"}, {"status": "affected", "version": "8.7.3"}, {"status": "unaffected", "version": "8.7.4"}]}], "timeline": [{"lang": "en", "time": "2026-03-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-25T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-26T00:58:34.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.353122", "name": "VDB-353122 | Enter Software Iperius Backup Backup Service temp file", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.353122", "name": "VDB-353122 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.774209", "name": "Submit #774209 | Enter Software Iperius Backup <= 8.7.2 Creation of Temporary File in Directory with Insecure Permission", "tags": ["third-party-advisory"]}, {"url": "https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/arbitrary-file-disclosure.md", "tags": ["exploit"]}, {"url": "https://www.iperiusbackup.com/download-software-backup.aspx", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\\ProgramData\\IperiusBackup\\Jobs\\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only possible with local access. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit is now public and may be used. Upgrading to version 8.7.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-378", "description": "Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-377", "description": "Insecure Temporary File"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-27T22:22:32.719Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4822", "state": "PUBLISHED", "dateUpdated": "2026-03-28T01:48:17.741Z", "dateReserved": "2026-03-25T13:56:35.058Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-25T20:31:47.588Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Enter Software Iperius Backup up to 8.7.3. Affected is an unknown function of the file C:\\ProgramData\\IperiusBackup\\Jobs\\ of the component Backup Service. Performing a manipulation results in creation of temporary file with insecure permissions. The attack is only possible with local access. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit is now public and may be used. Upgrading to version 8.7.4 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}, {"lang": "es", "value": "Una vulnerabilidad fue detectada en Enter Software Iperius Backup hasta 8.7.3. Afecta a una funci\u00f3n desconocida del archivo C:\\ProgramData\\IperiusBackup\\Jobs\\ del componente Backup Service. Realizar una manipulaci\u00f3n resulta en la creaci\u00f3n de un archivo temporal con permisos inseguros. El ataque solo es posible con acceso local. Un alto grado de complejidad es necesario para el ataque. La explotabilidad se dice que es dif\u00edcil. El exploit ahora es p\u00fablico y puede ser utilizado. La actualizaci\u00f3n a la versi\u00f3n 8.7.4 puede solucionar este problema. Se recomienda actualizar el componente afectado. El proveedor fue contactado tempranamente, respondi\u00f3 de una manera muy profesional y r\u00e1pidamente lanz\u00f3 una versi\u00f3n corregida del producto afectado."}], "id": "CVE-2026-4822", "lastModified": "2026-03-27T23:17:15.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-25T21:16:48.377", "references": [{"source": "[email protected]", "url": "https://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/arbitrary-file-disclosure.md"}, {"source": "[email protected]", "url": "https://vuldb.com/?ctiid.353122"}, {"source": "[email protected]", "url": "https://vuldb.com/?id.353122"}, {"source": "[email protected]", "url": "https://vuldb.com/?submit.774209"}, {"source": "[email protected]", "url": "https://www.iperiusbackup.com/download-software-backup.aspx"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}, {"lang": "en", "value": "CWE-378"}], "source": "[email protected]", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.7.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.7.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.7.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.7.3"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "8.7.4"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Iperius Backup", "source": "cna", "vendor": "Enter Software"}, "product": "iperius_backup", "vendor": "enter_software"}], "analysis": {"en": {"generated_at": "2026-03-25T21:24:07.793585+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch for Iperius Backup version 8.7.4", "If upgrade is not possible, disable local write access to the temporary file directory C:\\ProgramData\\IperiusBackup\\Jobs\\ for non\u2011admin accounts", "Verify that any custom backup jobs have correct ACLs and run with minimal privileges"], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "It affects Enter Software Iperius Backup version 8.7.3 on Windows operating systems. The backup service component that processes job files is vulnerable. The vendor has issued a fixed release, 8.7.4, that removes the insecure file handling. Systems that still run 8.7.3 or earlier are susceptible to the described privilege escalation.", "description_and_impact": "The vulnerability allows local users to manipulate the Iperius Backup Backup Service so that it creates a temporary file with insecure permissions. This flaw is triggered in an unknown function of the file located under C:\\ProgramData\\IperiusBackup\\Jobs\\. An attacker who can execute code on the host can abuse the insecure permissions to create files that are later readable or writable by higher\u2011privilege processes, thereby escalating privileges on the system. The flaw is linked to missing validation and improper handling of temporary files, as documented by CWE\u2011377 and CWE\u2011378.", "risk_and_exploitability": "The CVSS base score is 7.3, indicating a high severity for local privilege escalation. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access and a high level of technical skill; the public exploit demonstrates that it is achievable, though the description notes it is difficult. Immediate patching is the only reliable mitigation. Until the patch is deployed, limiting local user write permissions to the Jobs directory can reduce risk."}}}}, "created": "2026-03-25T21:46:07.107019+00:00", "updated": "2026-03-26T11:31:37.318214+00:00", "vendors": ["enter_software", "enter_software$PRODUCT$iperius_backup"]}