CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-43596

An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target. Upgrade to MSP360 Backup 8.1.1.19 (released on 2025-05-15).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.3%

CVSS Severity

CVSS v3 Score 7.8

References

https://help.msp360.com/cloudberry-backup/security/admin-privileges
https://help.msp360.com/cloudberry-backup/whats-new
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-119-01.json
https://www.cve.org/CVERecord?id=CVE-2025-43596

Products affected by CVE-2025-43596

Msp360 » Backup » Version: Any

cpe:2.3:a:msp360:backup:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-43596

Products

Pricing

Contact Us