CVE-2023-48677

Опубликовано: 12 дек. 2023

Источник: nvd

CVSS3: 7.3

CVSS3: 7.8

EPSS Низкий

Описание

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938.

Ссылки

https://security-advisory.acronis.com/advisories/SEC-5620
Vendor Advisory
https://security-advisory.acronis.com/advisories/SEC-5620
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:acronis:cyber_protect_home_office:*:*:*:*:*:*:*:*

Версия до 40901 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00044

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-qgrp-jmm8-2jmf

CVSS3: 7.3

github

около 2 лет назад

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901.

EPSS

Процентиль: 13%

0.00044

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-427