Acronis True Image 2021

CPE Details

Acronis True Image 2021
acronis
true_image
2021
2021-02-03
15h47 +00:00
2021-02-03
15h47 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:acronis:true_image:2021:*:*:*:*:-:*:*

Informations

Vendor

acronis

Product

true_image

Version

2021

Target Software

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-44204 2022-02-04 22h29 +00:00 Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
7.8
High
CVE-2020-10139 2020-10-21 11h40 +00:00 Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
7.8
High
CVE-2020-10140 2020-10-21 11h40 +00:00 Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
7.8
High