CVE-2025-53395 Information
Aug 05, 2025
cve
Description
Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file Reflect loads the attacker’s VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
Reference
https://macrium.com https://www.macrium.com/blog/macrium-security-advisory-cve-2025-53394-cve-2025-53395
Related CNNVD
CNNVD-202508-251 (Published: 2025-08-04)
Share on: