CVE-2021-44206 - OpenCVE

Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Acronis	Cyber Protect Home Office True Image
Microsoft	Windows

Configuration 1 [-]

OR	cpe:2.3:a:acronis:true_image:2021:-::::windows::*
	cpe:2.3:a:acronis:true_image:2021:update_1::::windows::*
	cpe:2.3:a:acronis:true_image:2021:update_2::::windows::*
	cpe:2.3:a:acronis:true_image:2021:update_3::::windows::*
	cpe:2.3:a:acronis:true_image:2021:update_4::::windows::*

Configuration 2 [-]

AND

cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://security-advisory.acronis.com/advisories/SEC-3058

History

No history.

MITRE

Status: PUBLISHED

Assigner: Acronis

Published: 2022-02-04T22:29:33.897481Z

Updated: 2024-09-16T22:45:14.240Z

Reserved: 2021-11-24T00:00:00

Link: CVE-2021-44206

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-02-04T23:15:12.100

Modified: 2022-02-09T18:12:36.863

Link: CVE-2021-44206

Redhat

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "Acronis Cyber Protect Home Office", "vendor": "Acronis", "versions": [{"lessThan": "39612", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["Windows"], "product": "Acronis True Image 2021", "vendor": "Acronis", "versions": [{"lessThan": "39287", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "@xdanes09 (https://hackerone.com/xdanes09)"}], "datePublic": "2022-02-02T00:00:00", "descriptions": [{"lang": "en", "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-02-04T22:29:33", "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "shortName": "Acronis"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security-advisory.acronis.com/advisories/SEC-3058"}], "source": {"advisory": "SEC-3058", "defect": ["SEC-3058"], "discovery": "EXTERNAL"}, "title": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@acronis.com", "DATE_PUBLIC": "2022-02-02T00:00:00.000Z", "ID": "CVE-2021-44206", "STATE": "PUBLIC", "TITLE": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Acronis Cyber Protect Home Office", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_value": "39612"}]}}, {"product_name": "Acronis True Image 2021", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_value": "39287"}]}}]}, "vendor_name": "Acronis"}]}}, "credit": [{"lang": "eng", "value": "@xdanes09 (https://hackerone.com/xdanes09)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-427"}]}]}, "references": {"reference_data": [{"name": "https://security-advisory.acronis.com/advisories/SEC-3058", "refsource": "MISC", "url": "https://security-advisory.acronis.com/advisories/SEC-3058"}]}, "source": {"advisory": "SEC-3058", "defect": ["SEC-3058"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:17:24.550Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security-advisory.acronis.com/advisories/SEC-3058"}]}]}, "cveMetadata": {"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175", "assignerShortName": "Acronis", "cveId": "CVE-2021-44206", "datePublished": "2022-02-04T22:29:33.897481Z", "dateReserved": "2021-11-24T00:00:00", "dateUpdated": "2024-09-16T22:45:14.240Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:true_image:2021:-:*:*:*:windows:*:*", "matchCriteriaId": "F7B99318-3AA5-428D-B0D7-106128BDCE78", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:true_image:2021:update_1:*:*:*:windows:*:*", "matchCriteriaId": "B1CFEB0F-588B-4B88-9169-4ADB6396C1C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:true_image:2021:update_2:*:*:*:windows:*:*", "matchCriteriaId": "54BE6067-0357-4C68-AA06-CB5EEA3DD86F", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:true_image:2021:update_3:*:*:*:windows:*:*", "matchCriteriaId": "02D1EBBC-47EE-4C46-AA69-DD0B7DE1B173", "vulnerable": true}, {"criteria": "cpe:2.3:a:acronis:true_image:2021:update_4:*:*:*:windows:*:*", "matchCriteriaId": "0CF1A7BF-9B93-4D7C-BCD8-30DEF789B46B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*", "matchCriteriaId": "8418AF63-E280-4CE2-8E5C-DCD00ABE6557", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"}, {"lang": "es", "value": "Una escalada local de privilegios debido a una vulnerabilidad de secuestro de DLL en el servicio Acronis Media Builder. Los siguientes productos est\u00e1n afectados: Acronis Cyber Protect Home Office (Windows) versiones anteriores a la compilaci\u00f3n 39612, Acronis True Image 2021 (Windows) versiones anteriores a la compilaci\u00f3n 39287"}], "id": "CVE-2021-44206", "lastModified": "2022-02-09T18:12:36.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-04T23:15:12.100", "references": [{"source": "security@acronis.com", "tags": ["Vendor Advisory"], "url": "https://security-advisory.acronis.com/advisories/SEC-3058"}], "sourceIdentifier": "security@acronis.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-427"}], "source": "security@acronis.com", "type": "Secondary"}]}