CVE-2019-25608

HIGH 8.4

Iperius Backup 6.1.0 Privilege Escalation via Backup Job

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

2th

Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure backup jobs to execute malicious batch files or programs before or after backup operations, which run with the privileges of the Iperius Backup Service account (Local System or Administrator), enabling privilege escalation and arbitrary code execution.

CWE	CWE-520
Vendor	iperius
Product	iperius backup
Published	Mar 22, 2026
Last Updated	Mar 23, 2026

Stay Ahead of the Next One

Get instant alerts for iperius iperius backup

Be the first to know when new high vulnerabilities affecting iperius iperius backup are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Iperius / Iperius Backup

6.1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/46863 iperiusbackup.com: https://www.iperiusbackup.com/ iperiusbackup.com: https://www.iperiusbackup.com/download.aspx vulncheck.com: https://www.vulncheck.com/advisories/iperius-backup-privilege-escalation-via-backup-job

Credits

bzyo