CVE-2026-4824 is a vulnerability identified in Enter Software's Iperius Backup product, specifically affecting versions 8.7.0 through 8.7.3. The issue resides in the Backup Job Configuration File Handler component, where improper privilege management allows a local attacker with limited privileges to manipulate backup job configurations in a way that escalates their privileges. The vulnerability requires local access, and the attack complexity is high, indicating that exploitation demands significant skill or conditions. The CVSS 4.0 score of 7.3 reflects a high severity, with attack vector local (AV:L), high attack complexity (AC:H), no authentication required (AT:N), and privileges required are low (PR:L). The vulnerability impacts confidentiality, integrity, and availability with high scope and impact metrics. The vendor responded promptly by releasing version 8.7.4 to fix the issue. No public exploits are currently known to be active, but the disclosure means attackers could develop exploits. This vulnerability could allow attackers to gain elevated privileges on systems running vulnerable versions, potentially compromising backup data and system security.

The primary impact of CVE-2026-4824 is unauthorized privilege escalation on systems running vulnerable versions of Iperius Backup. An attacker with local access and limited privileges could manipulate backup job configurations to gain higher privileges, potentially leading to unauthorized access to sensitive backup data, modification or deletion of backups, and disruption of backup operations. This could compromise data integrity and availability, affecting disaster recovery capabilities. Organizations relying on Iperius Backup for critical data protection could face increased risk of insider threats or lateral movement by attackers who have gained initial access. The high complexity of exploitation reduces the likelihood of widespread attacks but does not eliminate risk, especially in environments with many users or shared access. The absence of known active exploits currently limits immediate impact but the public disclosure increases the risk of future exploitation attempts.

Organizations should immediately upgrade Iperius Backup to version 8.7.4 or later, which contains the fix for this vulnerability. Additionally, restrict local access to systems running Iperius Backup to trusted users only, minimizing the risk of local exploitation. Implement strict access controls and monitoring on backup configuration files and related directories to detect unauthorized changes. Employ endpoint detection and response (EDR) solutions to identify suspicious privilege escalation attempts. Regularly audit user privileges and remove unnecessary local access rights. Consider isolating backup servers from general user environments to reduce attack surface. Maintain up-to-date backups and verify their integrity to ensure recovery capability in case of compromise. Finally, educate system administrators about the risks of local privilege escalation vulnerabilities and the importance of timely patching.