High severity7.7NVD Advisory· Published Aug 4, 2025· Updated Apr 15, 2026
CVE-2025-53395
CVE-2025-53395
Description
Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2025-06-26
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.