Vulnerabilities > Acronis > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-07 | CVE-2022-44747 | Link Following vulnerability in Acronis Cyber Protect Home Office Local privilege escalation due to improper soft link handling. | 7.8 |
| 2022-11-07 | CVE-2022-44732 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office Local privilege escalation due to insecure folder permissions. | 7.8 |
| 2022-11-07 | CVE-2022-44733 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office Local privilege escalation due to insecure folder permissions. | 7.8 |
| 2022-05-18 | CVE-2022-30990 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure due to insecure folder permissions. | 7.5 |
| 2021-07-15 | CVE-2020-25593 | Incorrect Default Permissions vulnerability in Acronis True Image Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions. | 7.2 |
| 2021-07-15 | CVE-2020-25736 | Unspecified vulnerability in Acronis True Image 2019/2020/2021 Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration. | 7.8 |
| 2021-05-25 | CVE-2020-9452 | Link Following vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.2 |
| 2020-10-21 | CVE-2020-10139 | Improper Initialization vulnerability in Acronis True Image 2021 Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. | 7.2 |
| 2020-10-21 | CVE-2020-10138 | Improper Initialization vulnerability in Acronis Cyber Backup and Cyber Protect Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. | 7.2 |
| 2017-06-21 | CVE-2017-3219 | Insufficient Verification of Data Authenticity vulnerability in Acronis True Image Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP. | 8.3 |