Vulnerabilities > Acronis

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2022-24114 Race Condition vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to race condition on application startup. 		4.4
4.4
2022-02-04 CVE-2022-24115 Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to unrestricted loading of unsigned libraries.
local
low complexity
acronis CWE-347
4.6
4.6
2021-11-29 CVE-2021-34800 Information Exposure Through Log Files vulnerability in Acronis Agent C21.03/C21.06
Sensitive information could be logged.
network
low complexity
acronis CWE-532
5.0
5.0
2021-11-29 CVE-2021-44198 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
DLL hijacking could lead to local privilege escalation. 		4.4
4.4
2021-11-29 CVE-2021-44199 Uncontrolled Search Path Element vulnerability in Acronis Agent, Cyber Protect and Cyber Protect Home Office
DLL hijacking could lead to denial of service. 		1.9
1.9
2021-11-29 CVE-2021-44200 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Self cross-site scripting (XSS) was possible on devices page.
network
acronis CWE-79
3.5
3.5
2021-11-29 CVE-2021-44201 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Cross-site scripting (XSS) was possible in notification pop-ups.
network
acronis CWE-79
4.3
4.3
2021-11-29 CVE-2021-44202 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) was possible in activity details.
network
acronis CWE-79
3.5
3.5
2021-11-29 CVE-2021-44203 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Stored cross-site scripting (XSS) was possible in protection plan details.
network
acronis CWE-79
3.5
3.5
2021-08-12 CVE-2021-38086 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. 		4.4
4.4