Msp360 Backup vulnerabilities
2 known vulnerabilities affecting msp360/backup.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2025-43596P3CRITICALCVSS 9.8≥ 8.0, < 8.1.1.19v8.02025-05-22
CVE-2025-43596 [CRITICAL] CWE-276 CVE-2025-43596: An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user
An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target. Upgrade to MSP360 Backup 8.1.1.19 (released on 2025-05-15).
nvd
CVE-2025-43595P2CRITICALCVSS 9.8v4.3.1.1152025-05-01
CVE-2025-43595 [CRITICAL] CWE-276 CVE-2025-43595: An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a low privileged
An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a low privileged user to execute commands with root privileges in the 'Online Backup' folder. Upgrade to MSP360 Backup 4.4 (released on 2025-04-22).
nvd