CNNVD-202602-2059 Information
CNNVD ID
CNNVD-202602-2059
Related CVE
- CNNVD Published: 2026-02-12
Description (Chinese)
Intego Personal Backup是Intego公司的一个备份工具。 Intego Personal Backup存在后置链接漏洞,该漏洞源于备份任务定义存储在非特权用户可写的位置,但以提升的权限进行处理,可能导致本地攻击者通过特制的序列化任务文件触发任意文件写入和权限提升。
Description (English)
Intego Personal Backup is a backup tool for Intego. Intego Personal Backup has a back-up link loophole, which stems from the fact that the back-up job definition is stored in a writeable location for non-privileged users, but is processed with enhanced privileges, which may result in local assailants triggering any writing and power enhancement of a specific serialized task file.
Vulnerability Type
后置链接
Affected Vendor
Intego
Published
2026-02-12
Last Modified
2026-02-24
References
https://blog.quarkslab.com/intego_lpe_macos_1.html https://integosupport.zendesk.com/hc/en-us/articles/40945636077467-Personal-Backup-X9-Release-Notes https://www.intego.com/ https://www.intego.com/bootable-mac-backups https://www.vulncheck.com/advisories/intego-personal-backup-task-file-privilege-escalation
Share on: