Vulnerabilities > Acronis

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2022-0483 Incorrect Permission Assignment for Critical Resource vulnerability in Acronis VSS Doctor
Local privilege escalation due to insecure folder permissions.
local
low complexity
acronis CWE-732
4.6
2022-02-04 CVE-2021-44204 Incorrect Authorization vulnerability in Acronis products
Local privilege escalation via named pipe due to improper access control checks.
local
low complexity
acronis CWE-863
4.6
2022-02-04 CVE-2021-44205 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to DLL hijacking vulnerability.
4.4
2022-02-04 CVE-2021-44206 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service.
4.4
2022-02-04 CVE-2022-24113 Incorrect Default Permissions vulnerability in Acronis products
Local privilege escalation due to excessive permissions assigned to child processes.
local
low complexity
acronis CWE-276
4.6
2022-02-04 CVE-2022-24114 Race Condition vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to race condition on application startup.
4.4
2022-02-04 CVE-2022-24115 Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to unrestricted loading of unsigned libraries.
local
low complexity
acronis CWE-347
4.6
2021-11-29 CVE-2021-34800 Information Exposure Through Log Files vulnerability in Acronis Agent C21.03/C21.06
Sensitive information could be logged.
network
low complexity
acronis CWE-532
5.0
2021-11-29 CVE-2021-44198 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
DLL hijacking could lead to local privilege escalation.
4.4
2021-11-29 CVE-2021-44199 Uncontrolled Search Path Element vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office
DLL hijacking could lead to denial of service.
1.9