CVE-2023-48677

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:acronis:cyber_protect_home_office:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

04 Jun 2025, 14:15

Type Values Removed Values Added
Summary (en) Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378. (en) Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938.

31 Jan 2025, 13:15

Type Values Removed Values Added
Summary (en) Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901. (en) Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378.

21 Nov 2024, 08:32

Type Values Removed Values Added
References () https://security-advisory.acronis.com/advisories/SEC-5620 - Vendor Advisory () https://security-advisory.acronis.com/advisories/SEC-5620 - Vendor Advisory

14 Dec 2023, 18:32

Type Values Removed Values Added
CPE cpe:2.3:a:acronis:cyber_protect_home_office:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
References () https://security-advisory.acronis.com/advisories/SEC-5620 - () https://security-advisory.acronis.com/advisories/SEC-5620 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

12 Dec 2023, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-12 09:15

Updated : 2025-06-04 14:15


NVD link : CVE-2023-48677

Mitre link : CVE-2023-48677

CVE.ORG link : CVE-2023-48677


JSON object : View

Products Affected

microsoft

  • windows

acronis

  • cyber_protect_home_office
CWE
CWE-427

Uncontrolled Search Path Element