Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Paramount Macrium Reflect 安全漏洞
Vulnerability Description
Paramount Macrium Reflect是英国Paramount公司的一款基于镜像的备份和恢复软件。 Paramount Macrium Reflect 2025-06-26及之前版本存在安全漏洞,该漏洞源于验证不足,可能导致通过特制备份文件以管理员权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A