Filtered by vendor Acronis
Subscribe
Total
100 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30697 | 1 Acronis | 1 Snap Deploy | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-30993 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240 | |||||
| CVE-2022-30994 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240 | |||||
| CVE-2021-44199 | 2 Acronis, Microsoft | 4 Agent, Cyber Protect, Cyber Protect Home Office and 1 more | 2024-02-04 | 1.9 LOW | 5.5 MEDIUM |
| DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612 | |||||
| CVE-2022-24115 | 2 Acronis, Apple | 3 Cyber Protect Home Office, True Image, Macos | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||||
| CVE-2021-44198 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2024-02-04 | 4.4 MEDIUM | 7.8 HIGH |
| DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035 | |||||
| CVE-2021-44203 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | |||||
| CVE-2021-44204 | 2 Acronis, Microsoft | 5 Agent, Cyber Protect, Cyber Protect Home Office and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||||
| CVE-2022-24113 | 2 Acronis, Microsoft | 5 Agent, Cyber Protect, Cyber Protect Home Office and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||||
| CVE-2021-44206 | 2 Acronis, Microsoft | 3 Cyber Protect Home Office, True Image, Windows | 2024-02-04 | 4.4 MEDIUM | 7.3 HIGH |
| Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||||
| CVE-2021-44200 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | |||||
| CVE-2022-24114 | 2 Acronis, Apple | 3 Cyber Protect Home Office, True Image, Macos | 2024-02-04 | 4.4 MEDIUM | 7.0 HIGH |
| Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||||
| CVE-2021-34800 | 1 Acronis | 1 Agent | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 27147 | |||||
| CVE-2021-44205 | 2 Acronis, Microsoft | 3 Cyber Protect Home Office, True Image, Windows | 2024-02-04 | 4.4 MEDIUM | 7.3 HIGH |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287 | |||||
| CVE-2021-44202 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | |||||
| CVE-2021-44201 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035 | |||||
| CVE-2020-25593 | 1 Acronis | 1 True Image | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
| Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions. | |||||
| CVE-2021-38086 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2024-02-04 | 4.4 MEDIUM | 7.8 HIGH |
| Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | |||||
| CVE-2020-9451 | 1 Acronis | 1 True Image 2020 | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a (not yet created) log file to anti_ransomware_service.exe. On reboot, this forces the anti_ransomware_service to try to write its log into its own process, crashing in a SHARING VIOLATION. This crash occurs on every reboot. | |||||
| CVE-2020-15495 | 1 Acronis | 1 True Image | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. | |||||