Page 2 of 22 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173. • https://security-advisory.acronis.com/advisories/SEC-2499 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1

Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984. • https://github.com/alfarom256/CVE-2022-45451 https://security-advisory.acronis.com/SEC-5487 https://security-advisory.acronis.com/advisories/SEC-4858 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208. • https://security-advisory.acronis.com/advisories/SEC-4729 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

Local privilege escalation due to incomplete uninstallation cleanup. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107, Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984. • https://security-advisory.acronis.com/advisories/SEC-4459 • CWE-459: Incomplete Cleanup •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. Divulgación de información confidencial debido a permisos de carpetas inseguros. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilación 40107. • https://security-advisory.acronis.com/advisories/SEC-4398 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •