CVE-2025-53395

CVE Details

Basic Information

Title CVE-2025-53395
Type cve
Published 2025-08-04T00:00:00.000Z
Modified 2025-08-04T18:21:35.185Z

Product Information

Vendor n/a
Product n/a
Version n/a

CVSS Information

Base Score 7.7 (HIGH)
CVSS Vector CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:H/S:C/UI:R

AI Analysis

AI Description A vulnerability in Macrium Reflect allows local attackers to execute arbitrary code with admin privileges by using a malicious DLL when mounting a crafted backup file.
AI Severity High
AI Vendor Macrium Software
AI Product Macrium Reflect
AI Version Versions up to June 26, 2025

Affected Products

  • n/a n/a n/a

Additional Information

Source mitre

Description

Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker’s VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
