CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44744
https://notcve.org/view.php?id=CVE-2022-44744
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. Escalada de privilegios locales debido a una vulnerabilidad de secuestro de DLL. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilación 40107. • https://security-advisory.acronis.com/advisories/SEC-2718 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44747
https://notcve.org/view.php?id=CVE-2022-44747
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. Escalada de privilegios locales debido a un manejo inadecuado de enlaces blandos. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilación 40107. • https://security-advisory.acronis.com/advisories/SEC-4540 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44733
https://notcve.org/view.php?id=CVE-2022-44733
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900. Escalada de privilegios locales debido a permisos de carpetas inseguros. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilación 39900. • https://security-advisory.acronis.com/advisories/SEC-3968 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44732
https://notcve.org/view.php?id=CVE-2022-44732
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900. Escalada de privilegios locales debido a permisos de carpetas inseguros. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilación 39900. • https://security-advisory.acronis.com/advisories/SEC-3040 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-30991 – HTML injection via report name
https://notcve.org/view.php?id=CVE-2022-30991
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 Una Inyección de HTML por medio del nombre del informe. Los siguientes productos están afectados: Acronis Cyber Protect 15 (Linux, Windows) versiones anteriores a 29240 • https://security-advisory.acronis.com/advisories/SEC-3928 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •