Vulnerabilities > Acronis > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2022-24113 Incorrect Default Permissions vulnerability in Acronis products
Local privilege escalation due to excessive permissions assigned to child processes.
local
low complexity
acronis CWE-276
4.6
4.6
2022-02-04 CVE-2022-24114 Race Condition vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to race condition on application startup. 		4.4
4.4
2022-02-04 CVE-2022-24115 Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image
Local privilege escalation due to unrestricted loading of unsigned libraries.
local
low complexity
acronis CWE-347
4.6
4.6
2021-11-29 CVE-2021-34800 Information Exposure Through Log Files vulnerability in Acronis Agent C21.03/C21.06
Sensitive information could be logged.
network
low complexity
acronis CWE-532
5.0
5.0
2021-11-29 CVE-2021-44198 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
DLL hijacking could lead to local privilege escalation. 		4.4
4.4
2021-11-29 CVE-2021-44201 Cross-site Scripting vulnerability in Acronis Cyber Protect 15
Cross-site scripting (XSS) was possible in notification pop-ups.
network
acronis CWE-79
4.3
4.3
2021-08-12 CVE-2021-38086 Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect 15
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. 		4.4
4.4
2021-08-12 CVE-2021-38088 Unspecified vulnerability in Acronis Cyber Protect 15
Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.
local
low complexity
acronis
4.6
4.6
2021-08-05 CVE-2021-32576 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).
local
low complexity
acronis CWE-610
4.6
4.6
2021-08-05 CVE-2021-32577 Incorrect Permission Assignment for Critical Resource vulnerability in Acronis True Image 2021
Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
local
low complexity
acronis CWE-732
4.6
4.6