CVE-2026-4824
Received Received - Intake
Improper Privilege Management in Iperius Backup Job Configuration

Publication date: 2026-03-25

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is considered to have high complexity. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 8.7.4 can resolve this issue. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4824
EUVD
EUVD-2026-16006
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
enter_software iperius_backup to 8.7.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Enter Software Iperius Backup versions up to 8.7.3, specifically in the Backup Job Configuration File Handler component. It involves improper privilege management, meaning that the system does not correctly handle user permissions related to backup job configurations. The attack must be performed locally and is considered to have high complexity, making exploitation difficult. However, the exploit has been publicly disclosed.

Impact Analysis

If exploited, this vulnerability can lead to unauthorized actions due to improper privilege management. This means an attacker with local access and some level of privileges could potentially escalate their privileges or manipulate backup job configurations in a way that compromises confidentiality, integrity, and availability of data handled by the backup software.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Enter Software Iperius Backup to version 8.7.4, which contains the fix for this issue.

Since the attack must be carried out locally and has high complexity, ensuring that only trusted users have local access can also help reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4824. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart