NotCVE - vendor:"Acronis" product:"True Image"

Page 2 of 29 results (0.008 seconds)

CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0

CVE-2021-32581

https://notcve.org/view.php?id=CVE-2021-32581

05 Aug 2021 — Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation. Acronis True Image anterior a versión 2021 Update 4 para Windows, Acronis True Image anterior a versión 2021 Update 5 para Mac, Acronis Agent anterior a la compilación 26653, Acronis Cyber Protect anterior a la compilación 27009, no implementaban la comprobación de certificados SS... • https://kb.acronis.com/content/68413 • CWE-295: Improper Certificate Validation •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-32578

https://notcve.org/view.php?id=CVE-2021-32578

05 Aug 2021 — Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2). Acronis True Image anterior a versión 2021 Update 4 para Windows permitía la escalada de privilegios local debido a la administración inapropiada de enlaces blandos (problema 2 de 2) • https://kb.acronis.com/content/68419 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-32576

https://notcve.org/view.php?id=CVE-2021-32576

05 Aug 2021 — Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2). Acronis True Image anterior a versión 2021 Update 4 para Windows permitía la escalada de privilegios local debido a la administración inapropiada de enlaces blandos (problema 1 de 2) • https://kb.acronis.com/content/68419 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-32580

https://notcve.org/view.php?id=CVE-2021-32580

05 Aug 2021 — Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking. Acronis True Image anterior a versión 2021 Update 4 para Windows, permitía la escalada de privilegios local debido al secuestro de DLL • https://kb.acronis.com/content/68419 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2021-32579

https://notcve.org/view.php?id=CVE-2021-32579

05 Aug 2021 — Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API. Acronis True Image anterior a versión 2021 Update 4 para Windows y Acronis True Image anterior a versión 2021 Update 5 para macOS, permitían que un atacante no autenticado (con capacidad de ejecución de código local) manipulara la API de microservicios • https://kb.acronis.com/content/68413 • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-15495

https://notcve.org/view.php?id=CVE-2020-15495

15 Jul 2021 — Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. Acronis True Image versiones 2019 update 1 hasta 2020, en macOS permite una escalada de privilegios local debido a una configuración no segura del servicio XPC • https://kb.acronis.com/content/68061 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-25593

https://notcve.org/view.php?id=CVE-2020-25593

15 Jul 2021 — Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions. Acronis True Image versiones hasta 2021 en macOS, permite una escalada de privilegios local de admin a root debido a permisos de carpeta no seguros • https://kb.acronis.com/content/68396 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2020-15496

https://notcve.org/view.php?id=CVE-2020-15496

15 Jul 2021 — Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions. Acronis True Image for Mac versiones anteriores a 2021 Update 4, permitía una escalada de privilegios local debido a permisos no seguros de las carpetas • https://kb.acronis.com/content/68396 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.8EPSS: 15%CPEs: 5EXPL: 1

CVE-2020-25736 – Acronis TrueImage XPC Privilege Escalation

https://notcve.org/view.php?id=CVE-2020-25736

15 Jul 2021 — Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration. Acronis True Image versiones 2019 update 1 hasta 2021 update 1 en macOS, permite una escalada de privilegios local debido a una configuración no segura del servicio XPC • https://packetstorm.news/files/id/170246 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-9452

https://notcve.org/view.php?id=CVE-2020-9452

25 May 2021 — An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unprivileged users have write permissions in the quarantine folder, it is possible to control this privileged write with a hardlink. This means that an unprivileged user can write/overwrite arbitrary files in arbitrary folders. Escalating privileges to SYSTEM is trivial with ... • https://danishcyberdefence.dk/blog • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

1 2 3