High severity7.7NVD Advisory· Published Aug 4, 2025· Updated Apr 15, 2026
CVE-2025-53394
CVE-2025-53394
Description
Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: through 2025-06-26
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.