Enter Software Iperius Backup NTLM2 information disclosure_CVE-2026-4823

2 / 10

LOW

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to information disclosure. The attack is restricted to local execution. Attacks of this nature are highly complex. The exploitation appears to be difficult. The exploit has been published and may be used. Upgrading to version 8.7.4 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Basic Information

ID CVE-2026-4823

Source VulDB

Published Mar 25, 2026 at 21:44

Modified Mar 26, 2026 at 15:01

Affected Product

Vendor Enter Software

Product Iperius Backup

Version 8.7.0

Affected Versions Enter Software Iperius Backup 8.7.0
Enter Software Iperius Backup 8.7.1
Enter Software Iperius Backup 8.7.2
Enter Software Iperius Backup 8.7.3

CWE Classification

CWE-200 CWE-284

References

{
    "lastseen": "",
    "description": "A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to information disclosure. The attack is restricted to local execution. Attacks of this nature are highly complex. The exploitation appears to be difficult. The exploit has been published and may be used. Upgrading to version 8.7.4 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.",
    "published": "2026-03-25T21:44:31.478Z",
    "modified": "2026-03-26T15:01:17.506Z",
    "type": "cve",
    "title": "Enter Software Iperius Backup NTLM2 information disclosure",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.353123\nhttps://vuldb.com/?ctiid.353123\nhttps://vuldb.com/?submit.774218\nhttps://github.com/0truust/iperius-backup-security-advisories/blob/main/advisories/ntlm-relay-credential-exposure.md\nhttps://www.iperiusbackup.com/download-software-backup.aspx",
    "id": "CVE-2026-4823",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Enter Software Iperius Backup 8.7.0\nEnter Software Iperius Backup 8.7.1\nEnter Software Iperius Backup 8.7.2\nEnter Software Iperius Backup 8.7.3",
    "sourceHref": "",
    "cvss": {
        "score": 2,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Iperius Backup",
    "version": "8.7.0",
    "vendor": "Enter Software",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}