Vulnerabilities > Acronis > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-32578 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2). | 4.6 |
| 2021-08-05 | CVE-2021-32579 | Improper Authentication vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. | 4.6 |
| 2021-08-05 | CVE-2021-32580 | Uncontrolled Search Path Element vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking. | 4.4 |
| 2021-08-05 | CVE-2021-32581 | Improper Certificate Validation vulnerability in Acronis products Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation. | 5.8 |
| 2021-07-30 | CVE-2020-14999 | Unspecified vulnerability in Acronis Agent A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data. | 5.0 |
| 2021-07-15 | CVE-2020-15495 | Unspecified vulnerability in Acronis True Image 2019/2020 Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. | 4.6 |
| 2021-07-15 | CVE-2020-15496 | Improper Preservation of Permissions vulnerability in Acronis True Image Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions. | 4.6 |
| 2021-05-25 | CVE-2020-9450 | Incorrect Default Permissions vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 4.6 |
| 2021-02-22 | CVE-2020-35664 | Cross-site Scripting vulnerability in Acronis Cyber Protect 15 An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. | 4.3 |
| 2021-02-22 | CVE-2020-35556 | Origin Validation Error vulnerability in Acronis Cyber Protect 15 An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. | 5.0 |