Vulnerabilities > CVE-2023-48677 - Unspecified vulnerability in Acronis Cyber Protect Home Office

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

acronis

NVD

Published: 2023-12-12

Updated: 2024-11-21

Summary

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901.

Vulnerable Configurations

Part	Description	Count
Application	Acronis Acronis Cyber Protect Home Office - Acronis Cyber Protect Home Office 39900 Acronis Cyber Protect Home Office 40107 Acronis Cyber Protect Home Office 40173 Acronis Cyber Protect Home Office 40208 Acronis Cyber Protect Home Office 40278 Acronis Cyber Protect Home Office 40713	7
OS	Microsoft Microsoft Windows -	1

References

https://security-advisory.acronis.com/advisories/SEC-5620
https://security-advisory.acronis.com/advisories/SEC-5620