Search
Search Results (28 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9450 | 1 Acronis | 1 True Image 2020 | 2024-11-21 | 7.8 High |
| An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe exposes a REST API that can be used by everyone, even unprivileged users. This API is used to communicate from the GUI to anti_ransomware_service.exe. This can be exploited to add an arbitrary malicious executable to the whitelist, or even exclude an entire drive from being monitored by anti_ransomware_service.exe. | ||||
| CVE-2020-35145 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a DLL hijacking vulnerability in multiple components, aka an Untrusted Search Path issue. | ||||
| CVE-2020-25736 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration. | ||||
| CVE-2020-25593 | 1 Acronis | 1 True Image | 2024-11-21 | 6.7 Medium |
| Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions. | ||||
| CVE-2020-15496 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions. | ||||
| CVE-2020-15495 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. | ||||
| CVE-2020-10140 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths within C:\ProgramData\Acronis. | ||||
| CVE-2020-10139 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges. | ||||