Vulnerabilities > Acronis > True Image > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-44204 | Unspecified vulnerability in Acronis products Local privilege escalation via named pipe due to improper access control checks. | 4.6 |
| 2022-02-04 | CVE-2021-44205 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to DLL hijacking vulnerability. | 4.4 |
| 2022-02-04 | CVE-2021-44206 | Uncontrolled Search Path Element vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. | 4.4 |
| 2022-02-04 | CVE-2022-24113 | Incorrect Default Permissions vulnerability in Acronis products Local privilege escalation due to excessive permissions assigned to child processes. | 4.6 |
| 2022-02-04 | CVE-2022-24114 | Race Condition vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to race condition on application startup. | 4.4 |
| 2022-02-04 | CVE-2022-24115 | Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to unrestricted loading of unsigned libraries. | 4.6 |
| 2021-08-05 | CVE-2021-32576 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2). | 4.6 |
| 2021-08-05 | CVE-2021-32577 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions. | 4.6 |
| 2021-08-05 | CVE-2021-32578 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2). | 4.6 |
| 2021-08-05 | CVE-2021-32579 | Improper Authentication vulnerability in Acronis True Image 2021 Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. | 4.6 |