Описание
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:acronis:true_image:2021:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
7.8 High
CVSS3
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-732
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
EPSS
Процентиль: 14%
0.00045
Низкий
7.8 High
CVSS3
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-732
CWE-732