Acronis True Image 2021 1 for MacOS

CPE Details

Acronis True Image 2021 1 for MacOS
acronis
true_image
2021
2021-07-16
11h47 +00:00
2021-09-25
11h37 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:acronis:true_image:2021:1:*:*:*:macos:*:*

Informations

Vendor

acronis

Product

true_image

Version

2021

Update

1

Target Software

macos

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-25593 2021-07-15 12h07 +00:00 Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
6.7
Medium
CVE-2020-25736 2021-07-14 22h00 +00:00 Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.
7.8
High
CVE-2020-10139 2020-10-21 11h40 +00:00 Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
7.8
High
CVE-2020-10140 2020-10-21 11h40 +00:00 Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
7.8
High