Enter Software Iperius Backup IperiusAccounts.ini hard-coded key_CVE-2026-5310

2 / 10

LOW

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such manipulation leads to use of hard-coded cryptographic key
. The attack must be carried out locally. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is publicly available and might be used. Upgrading to version 8.7.4 will fix this issue. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Basic Information

ID CVE-2026-5310

Source VulDB

Published Apr 1, 2026 at 16:30

Modified Apr 1, 2026 at 17:54

Affected Product

Vendor Enter Software

Product Iperius Backup

Version 8.7.0

Affected Versions Enter Software Iperius Backup 8.7.0
Enter Software Iperius Backup 8.7.1
Enter Software Iperius Backup 8.7.2

CWE Classification

CWE-321 CWE-320

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such manipulation leads to use of hard-coded cryptographic key\r . The attack must be carried out locally. This attack is characterized by high complexity. The exploitability is said to be difficult. The exploit is publicly available and might be used. Upgrading to version 8.7.4 will fix this issue. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.",
    "published": "2026-04-01T16:30:21.522Z",
    "modified": "2026-04-01T17:54:16.358Z",
    "type": "cve",
    "title": "Enter Software Iperius Backup IperiusAccounts.ini hard-coded key",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/354639\nhttps://vuldb.com/vuln/354639/cti\nhttps://vuldb.com/submit/778602\nhttps://github.com/VulnaraByte/iperius-backup-security-advisories\nhttps://github.com/VulnaraByte/iperius-backup-security-advisories/blob/main/poc/decrypt_iperius.py\nhttps://www.iperiusbackup.com/download-software-backup.aspx",
    "id": "CVE-2026-5310",
    "bulletinFamily": "",
    "cwe": [
        "CWE-321",
        "CWE-320"
    ],
    "cvelist": null,
    "sourceData": "Enter Software Iperius Backup 8.7.0\nEnter Software Iperius Backup 8.7.1\nEnter Software Iperius Backup 8.7.2",
    "sourceHref": "",
    "cvss": {
        "score": 2,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Iperius Backup",
    "version": "8.7.0",
    "vendor": "Enter Software",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}