Acronis True Image 2021

CPE Details

Acronis True Image 2021
acronis
true_image
2021
2021-02-03
15h47 +00:00
2021-02-03
15h47 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:acronis:true_image:2021:*:*:*:*:-:*:*

Informations

Vendor

acronis

Product

true_image

Version

2021

Target Software

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-44204 2022-02-04 22h29 +00:00 Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
7.8
Haute
CVE-2020-10139 2020-10-21 11h40 +00:00 Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
7.8
Haute
CVE-2020-10140 2020-10-21 11h40 +00:00 Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis.
7.8
Haute