Vulnerabilities > Acronis > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2022-24115 | Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to unrestricted loading of unsigned libraries. | 7.8 |
| 2021-11-29 | CVE-2021-34800 | Information Exposure Through Log Files vulnerability in Acronis Agent C21.03 Sensitive information could be logged. | 7.5 |
| 2021-11-29 | CVE-2021-44198 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15 DLL hijacking could lead to local privilege escalation. | 7.8 |
| 2021-08-12 | CVE-2021-38086 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15 Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | 7.8 |
| 2021-08-12 | CVE-2021-38088 | Unspecified vulnerability in Acronis Cyber Protect 15 Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. | 7.8 |
| 2021-08-05 | CVE-2021-32576 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2). | 7.8 |
| 2021-08-05 | CVE-2021-32577 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions. | 7.8 |
| 2021-08-05 | CVE-2021-32578 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2). | 7.8 |
| 2021-08-05 | CVE-2021-32579 | Improper Authentication vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. | 7.8 |
| 2021-08-05 | CVE-2021-32580 | Uncontrolled Search Path Element vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking. | 7.8 |