Platform: macos
Component: acronis-true-image
Fixed in: 42571, 42902
CVE-2026-33092 describes a privilege escalation vulnerability affecting Acronis True Image OEM (macOS) and Acronis True Image (macOS). This flaw arises from improper handling of environment variables, potentially allowing an attacker to gain elevated privileges on the system. Versions prior to build 42571 for OEM and build 42902 for the standard product are affected. A fix is available in build 42902.
Successful exploitation of CVE-2026-33092 could allow an attacker to escalate their privileges on a macOS system running vulnerable versions of Acronis True Image. This means a standard user could potentially gain administrative access, enabling them to install software, modify system settings, access sensitive data, and compromise the integrity of the entire system. The impact is particularly concerning in environments where user accounts have limited privileges, as this vulnerability provides a relatively straightforward path to gaining full control. While the specific attack vectors remain undisclosed, the improper handling of environment variables suggests potential manipulation of processes or services launched by Acronis True Image.
CVE-2026-33092 was publicly disclosed on 2026-04-10. As of this writing, there are no publicly available proof-of-concept exploits. The vulnerability is not currently listed on the CISA KEV catalog. The EPSS score is pending evaluation, but the potential for privilege escalation suggests a medium to high probability of exploitation if a suitable exploit is developed and released.
Exploit Status
EPSS: 0.02% (3% percentile)
The primary mitigation for CVE-2026-33092 is to upgrade to Acronis True Image build 42902 or later. If immediate upgrading is not feasible due to compatibility issues or system downtime constraints, consider implementing stricter environment variable restrictions within the macOS system. This could involve limiting the scope of environment variables accessible to Acronis True Image processes or implementing runtime checks to validate environment variable values. While not a complete solution, this can reduce the attack surface. After upgrading, verify the fix by attempting to execute a process with elevated privileges and confirming that the environment variable manipulation fails.
Update Acronis True Image OEM (macOS) to version 42571 or later, or Acronis True Image (macOS) to version 42902 or later to mitigate the privilege escalation vulnerability due to improper handling of environment variables. See the Acronis security advisory page for more details and installation instructions.
CVE-2026-33092 is a privilege escalation vulnerability in Acronis True Image OEM (macOS) and Acronis True Image (macOS) caused by improper environment variable handling, allowing potential privilege elevation.
You are affected if you are using Acronis True Image OEM (macOS) before build 42571 or Acronis True Image (macOS) before build 42902.
Upgrade to Acronis True Image build 42902 or later to remediate the vulnerability. Consider environment variable restrictions as a temporary workaround.
As of the current date, there are no publicly known active exploits for CVE-2026-33092.
Please refer to the official Acronis security advisory for detailed information and updates regarding CVE-2026-33092.