Description
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
Published: 2026-06-03
Score: 7.3 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Acronis DeviceLock DLP contains a DLL hijacking flaw that permits a local attacker to run arbitrary code with elevated privileges. The vulnerability stems from inadequate protection of the DLL search order, allowing a malicious DLL to be loaded instead of the legitimate one. Successful exploitation grants full system access, potentially enabling further compromise of the local machine and the broader network if the device is privileged.

Affected Systems

Windows installations of Acronis DeviceLock DLP before build 9.0.15051.93227 are affected. The issue is present only in versions that have not yet been patched to the referenced build number.

Risk and Exploitability

The CVSS score of 7.3 indicates a high severity risk. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, which means CISA has not recorded it as exploited in the wild. The attack vector is local, and the published CVSS vector also requires low privileges and user interaction (AV:L/PR:L/UI:R). The attacker needs file-system write access to a directory that the target process searches for DLLs. If such access is available, the attacker can place a malicious DLL there and have it loaded during normal operation of the application.

Generated by OpenCVE AI on June 3, 2026 at 21:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Acronis DeviceLock DLP to build 9.0.15051.93227 or later to eliminate the DLL hijacking flaw.
  • Restrict write permissions on directories that the vulnerable application searches for DLLs, ensuring only trusted administrators can modify them.
  • Deploy AppLocker or Software Restriction Policies to block execution of unsigned or untrusted DLLs in system directories used by DeviceLock DLP.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 21:45:00 +0000

Type | Values Removed | Values Added
Title | | DLL Hijacking Vulnerability in Acronis DeviceLock DLP Enables Local Privilege Escalation
First Time appeared | | Acronis; Acronis acronis Devicelock Dlp
Vendors & Products | | Acronis; Acronis acronis Devicelock Dlp

Wed, 03 Jun 2026 20:15:00 +0000

Type | Values Removed | Values Added
Description | | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.
Weaknesses | | CWE-427
References | |
Metrics | | cvssV3_0 {'score': 7.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Acronis

Published:

Updated: 2026-06-03T19:26:05.897Z

Reserved: 2026-06-03T16:03:01.948Z

Link: CVE-2026-50033

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-03T20:16:21.890

Modified: 2026-06-03T20:16:21.890

Link: CVE-2026-50033

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T21:30:32Z

Weaknesses