Search

Find a vulnerability

Search criteria

    50 vulnerabilities found for true_image by acronis

    CVE-2026-33271 (GCVE-0-2026-33271)

    Vulnerability from nvd – Published: 2026-04-02 17:06 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Credits
    @s3nds3c (https://hackerone.com/s3nds3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33271",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:49.028Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@s3nds3c (https://hackerone.com/s3nds3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:06:24.089Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-9108",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-9108"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-33271",
        "datePublished": "2026-04-02T17:06:24.089Z",
        "dateReserved": "2026-04-01T00:44:58.761Z",
        "dateUpdated": "2026-04-03T03:55:49.028Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28728 (GCVE-0-2026-28728)

    Vulnerability from nvd – Published: 2026-04-02 17:04 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28728",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:46.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:04:45.425Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-10401",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-10401"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-28728",
        "datePublished": "2026-04-02T17:04:45.425Z",
        "dateReserved": "2026-03-03T02:29:03.755Z",
        "dateUpdated": "2026-04-03T03:55:46.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27774 (GCVE-0-2026-27774)

    Vulnerability from nvd – Published: 2026-04-02 17:05 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Credits
    @chipotle_chili (https://hackerone.com/chipotle_chili)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-27774",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:47.929Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@chipotle_chili (https://hackerone.com/chipotle_chili)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:05:19.178Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-10057",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-10057"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-27774",
        "datePublished": "2026-04-02T17:05:19.178Z",
        "dateReserved": "2026-04-01T00:44:58.734Z",
        "dateUpdated": "2026-04-03T03:55:47.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-24115 (GCVE-0-2022-24115)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 16:52
    VLAI
    Title
    Local privilege escalation due to unrestricted loading of unsigned libraries
    Summary
    Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39605 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @vkas-afk (https://hackerone.com/vkas-afk)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.626Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39605",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:30.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
            }
          ],
          "source": {
            "advisory": "SEC-3359",
            "defect": [
              "SEC-3359"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to unrestricted loading of unsigned libraries",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24115",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to unrestricted loading of unsigned libraries"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39605"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-347"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3359",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3359",
              "defect": [
                "SEC-3359"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24115",
        "datePublished": "2022-02-04T22:29:30.925Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:52:37.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24114 (GCVE-0-2022-24114)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Local privilege escalation due to race condition on application startup
    Summary
    Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39605 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @vkas-afk (https://hackerone.com/vkas-afk)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39605",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:32.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
            }
          ],
          "source": {
            "advisory": "SEC-3316",
            "defect": [
              "SEC-3316"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to race condition on application startup",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24114",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to race condition on application startup"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39605"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-362"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3316",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3316",
              "defect": [
                "SEC-3316"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24114",
        "datePublished": "2022-02-04T22:29:32.323Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:25.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24113 (GCVE-0-2022-24113)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 19:57
    VLAI
    Title
    Local privilege escalation due to excessive permissions assigned to child processes
    Summary
    Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect 15 Affected: unspecified , < 28035 (custom)
    Create a notification for this product.
    Acronis Acronis Agent Affected: unspecified , < 27147 (custom)
    Create a notification for this product.
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @penrose (https://hackerone.com/penrose)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect 15",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "28035",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Agent",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "27147",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@penrose (https://hackerone.com/penrose)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:30.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
            }
          ],
          "source": {
            "advisory": "SEC-2881",
            "defect": [
              "SEC-2881"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to excessive permissions assigned to child processes",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24113",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to excessive permissions assigned to child processes"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect 15",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "28035"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Agent",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "27147"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@penrose (https://hackerone.com/penrose)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-2881",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
                }
              ]
            },
            "source": {
              "advisory": "SEC-2881",
              "defect": [
                "SEC-2881"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24113",
        "datePublished": "2022-02-04T22:29:30.215Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:57:01.189Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44206 (GCVE-0-2021-44206)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-16 22:45
    VLAI
    Title
    Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service
    Summary
    Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xdanes09 (https://hackerone.com/xdanes09)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xdanes09 (https://hackerone.com/xdanes09)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:33.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
            }
          ],
          "source": {
            "advisory": "SEC-3058",
            "defect": [
              "SEC-3058"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44206",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xdanes09 (https://hackerone.com/xdanes09)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3058",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3058",
              "defect": [
                "SEC-3058"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44206",
        "datePublished": "2022-02-04T22:29:33.897Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:45:14.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44205 (GCVE-0-2021-44205)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-17 01:36
    VLAI
    Title
    Local privilege escalation due to DLL hijacking vulnerability
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xdanes09 (https://hackerone.com/xdanes09)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.843Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xdanes09 (https://hackerone.com/xdanes09)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:31.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
            }
          ],
          "source": {
            "advisory": "SEC-3059",
            "defect": [
              "SEC-3059"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to DLL hijacking vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44205",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to DLL hijacking vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xdanes09 (https://hackerone.com/xdanes09)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3059",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3059",
              "defect": [
                "SEC-3059"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44205",
        "datePublished": "2022-02-04T22:29:31.627Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:36:39.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44204 (GCVE-0-2021-44204)

    Vulnerability from nvd – Published: 2022-02-04 22:29 – Updated: 2024-09-17 01:12
    VLAI
    Title
    Local privilege escalation via named pipe due to improper access control checks
    Summary
    Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect 15 Affected: unspecified , < 28035 (custom)
    Create a notification for this product.
    Acronis Acronis Agent Affected: unspecified , < 27147 (custom)
    Create a notification for this product.
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xnand (https://hackerone.com/xnand)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.863Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect 15",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "28035",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Agent",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "27147",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xnand (https://hackerone.com/xnand)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:33.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
            }
          ],
          "source": {
            "advisory": "SEC-2355",
            "defect": [
              "SEC-2355"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation via named pipe due to improper access control checks",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44204",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation via named pipe due to improper access control checks"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect 15",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "28035"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Agent",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "27147"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xnand (https://hackerone.com/xnand)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-2355",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
                }
              ]
            },
            "source": {
              "advisory": "SEC-2355",
              "defect": [
                "SEC-2355"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44204",
        "datePublished": "2022-02-04T22:29:33.071Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:12:21.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32581 (GCVE-0-2021-32581)

    Vulnerability from nvd – Published: 2021-08-05 19:19 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:19:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32581",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                },
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                },
                {
                  "name": "https://kb.acronis.com/content/68648",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32581",
        "datePublished": "2021-08-05T19:19:41.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32580 (GCVE-0-2021-32580)

    Vulnerability from nvd – Published: 2021-08-05 19:06 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.486Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:06:36.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32580",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32580",
        "datePublished": "2021-08-05T19:06:36.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.486Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32579 (GCVE-0-2021-32579)

    Vulnerability from nvd – Published: 2021-08-05 19:04 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.453Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:04:57.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32579",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                },
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32579",
        "datePublished": "2021-08-05T19:04:57.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32578 (GCVE-0-2021-32578)

    Vulnerability from nvd – Published: 2021-08-05 19:16 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.317Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:16:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32578",
        "datePublished": "2021-08-05T19:16:41.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.317Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32577 (GCVE-0-2021-32577)

    Vulnerability from nvd – Published: 2021-08-05 19:21 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68413 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:29.968Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:21:04.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32577",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32577",
        "datePublished": "2021-08-05T19:21:04.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:29.968Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32576 (GCVE-0-2021-32576)

    Vulnerability from nvd – Published: 2021-08-05 19:07 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:07:57.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32576",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32576",
        "datePublished": "2021-08-05T19:07:57.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-33271 (GCVE-0-2026-33271)

    Vulnerability from cvelistv5 – Published: 2026-04-02 17:06 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Credits
    @s3nds3c (https://hackerone.com/s3nds3c)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33271",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:49.028Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@s3nds3c (https://hackerone.com/s3nds3c)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:06:24.089Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-9108",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-9108"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-33271",
        "datePublished": "2026-04-02T17:06:24.089Z",
        "dateReserved": "2026-04-01T00:44:58.761Z",
        "dateUpdated": "2026-04-03T03:55:49.028Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-27774 (GCVE-0-2026-27774)

    Vulnerability from cvelistv5 – Published: 2026-04-02 17:05 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Credits
    @chipotle_chili (https://hackerone.com/chipotle_chili)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-27774",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:47.929Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "@chipotle_chili (https://hackerone.com/chipotle_chili)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:05:19.178Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-10057",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-10057"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-27774",
        "datePublished": "2026-04-02T17:05:19.178Z",
        "dateReserved": "2026-04-01T00:44:58.734Z",
        "dateUpdated": "2026-04-03T03:55:47.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-28728 (GCVE-0-2026-28728)

    Vulnerability from cvelistv5 – Published: 2026-04-02 17:04 – Updated: 2026-04-03 03:55
    VLAI
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis True Image Affected: unspecified , < 42902 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-28728",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-03T03:55:46.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "42902",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42902."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T17:04:45.425Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "name": "SEC-10401",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-10401"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2026-28728",
        "datePublished": "2026-04-02T17:04:45.425Z",
        "dateReserved": "2026-03-03T02:29:03.755Z",
        "dateUpdated": "2026-04-03T03:55:46.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-44206 (GCVE-0-2021-44206)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 22:45
    VLAI
    Title
    Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service
    Summary
    Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xdanes09 (https://hackerone.com/xdanes09)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xdanes09 (https://hackerone.com/xdanes09)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:33.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
            }
          ],
          "source": {
            "advisory": "SEC-3058",
            "defect": [
              "SEC-3058"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44206",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xdanes09 (https://hackerone.com/xdanes09)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3058",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3058"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3058",
              "defect": [
                "SEC-3058"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44206",
        "datePublished": "2022-02-04T22:29:33.897Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:45:14.240Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44204 (GCVE-0-2021-44204)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-17 01:12
    VLAI
    Title
    Local privilege escalation via named pipe due to improper access control checks
    Summary
    Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect 15 Affected: unspecified , < 28035 (custom)
    Create a notification for this product.
    Acronis Acronis Agent Affected: unspecified , < 27147 (custom)
    Create a notification for this product.
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xnand (https://hackerone.com/xnand)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.863Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect 15",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "28035",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Agent",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "27147",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xnand (https://hackerone.com/xnand)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:33.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
            }
          ],
          "source": {
            "advisory": "SEC-2355",
            "defect": [
              "SEC-2355"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation via named pipe due to improper access control checks",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44204",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation via named pipe due to improper access control checks"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect 15",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "28035"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Agent",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "27147"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xnand (https://hackerone.com/xnand)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-285"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-2355",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-2355"
                }
              ]
            },
            "source": {
              "advisory": "SEC-2355",
              "defect": [
                "SEC-2355"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44204",
        "datePublished": "2022-02-04T22:29:33.071Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:12:21.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24114 (GCVE-0-2022-24114)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Local privilege escalation due to race condition on application startup
    Summary
    Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39605 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @vkas-afk (https://hackerone.com/vkas-afk)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39605",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:32.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
            }
          ],
          "source": {
            "advisory": "SEC-3316",
            "defect": [
              "SEC-3316"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to race condition on application startup",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24114",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to race condition on application startup"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39605"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to race condition on application startup. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-362"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3316",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3316"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3316",
              "defect": [
                "SEC-3316"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24114",
        "datePublished": "2022-02-04T22:29:32.323Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:25.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44205 (GCVE-0-2021-44205)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-17 01:36
    VLAI
    Title
    Local privilege escalation due to DLL hijacking vulnerability
    Summary
    Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @xdanes09 (https://hackerone.com/xdanes09)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:17:24.843Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@xdanes09 (https://hackerone.com/xdanes09)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:31.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
            }
          ],
          "source": {
            "advisory": "SEC-3059",
            "defect": [
              "SEC-3059"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to DLL hijacking vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2021-44205",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to DLL hijacking vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@xdanes09 (https://hackerone.com/xdanes09)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3059",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3059"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3059",
              "defect": [
                "SEC-3059"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2021-44205",
        "datePublished": "2022-02-04T22:29:31.627Z",
        "dateReserved": "2021-11-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:36:39.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24115 (GCVE-0-2022-24115)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 16:52
    VLAI
    Title
    Local privilege escalation due to unrestricted loading of unsigned libraries
    Summary
    Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39605 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @vkas-afk (https://hackerone.com/vkas-afk)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.626Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39605",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "macOS"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:30.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
            }
          ],
          "source": {
            "advisory": "SEC-3359",
            "defect": [
              "SEC-3359"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to unrestricted loading of unsigned libraries",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24115",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to unrestricted loading of unsigned libraries"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39605"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "macOS",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@vkas-afk (https://hackerone.com/vkas-afk)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-347"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-3359",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-3359"
                }
              ]
            },
            "source": {
              "advisory": "SEC-3359",
              "defect": [
                "SEC-3359"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24115",
        "datePublished": "2022-02-04T22:29:30.925Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:52:37.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24113 (GCVE-0-2022-24113)

    Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 19:57
    VLAI
    Title
    Local privilege escalation due to excessive permissions assigned to child processes
    Summary
    Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Acronis Acronis Cyber Protect 15 Affected: unspecified , < 28035 (custom)
    Create a notification for this product.
    Acronis Acronis Agent Affected: unspecified , < 27147 (custom)
    Create a notification for this product.
    Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
    Create a notification for this product.
    Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
    Create a notification for this product.
    Date Public
    2022-02-02 00:00
    Credits
    @penrose (https://hackerone.com/penrose)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect 15",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "28035",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Agent",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "27147",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis Cyber Protect Home Office",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39612",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "platforms": [
                "Windows"
              ],
              "product": "Acronis True Image 2021",
              "vendor": "Acronis",
              "versions": [
                {
                  "lessThan": "39287",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "@penrose (https://hackerone.com/penrose)"
            }
          ],
          "datePublic": "2022-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:29:30.000Z",
            "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
            "shortName": "Acronis"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
            }
          ],
          "source": {
            "advisory": "SEC-2881",
            "defect": [
              "SEC-2881"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Local privilege escalation due to excessive permissions assigned to child processes",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@acronis.com",
              "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
              "ID": "CVE-2022-24113",
              "STATE": "PUBLIC",
              "TITLE": "Local privilege escalation due to excessive permissions assigned to child processes"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Acronis Cyber Protect 15",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "28035"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Agent",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "27147"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis Cyber Protect Home Office",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39612"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Acronis True Image 2021",
                          "version": {
                            "version_data": [
                              {
                                "platform": "Windows",
                                "version_affected": "\u003c",
                                "version_value": "39287"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Acronis"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "@penrose (https://hackerone.com/penrose)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-250"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://security-advisory.acronis.com/advisories/SEC-2881",
                  "refsource": "MISC",
                  "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
                }
              ]
            },
            "source": {
              "advisory": "SEC-2881",
              "defect": [
                "SEC-2881"
              ],
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "assignerShortName": "Acronis",
        "cveId": "CVE-2022-24113",
        "datePublished": "2022-02-04T22:29:30.215Z",
        "dateReserved": "2022-01-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:57:01.189Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32577 (GCVE-0-2021-32577)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:21 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68413 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:29.968Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:21:04.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32577",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32577",
        "datePublished": "2021-08-05T19:21:04.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:29.968Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32581 (GCVE-0-2021-32581)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:19 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68648"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:19:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68648"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32581",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                },
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                },
                {
                  "name": "https://kb.acronis.com/content/68648",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68648"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32581",
        "datePublished": "2021-08-05T19:19:41.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32578 (GCVE-0-2021-32578)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:16 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.317Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:16:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32578",
        "datePublished": "2021-08-05T19:16:41.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.317Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32576 (GCVE-0-2021-32576)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:07 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.992Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:07:57.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32576",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 1 of 2)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32576",
        "datePublished": "2021-08-05T19:07:57.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32580 (GCVE-0-2021-32580)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:06 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://kb.acronis.com/content/68419 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.486Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:06:36.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32580",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32580",
        "datePublished": "2021-08-05T19:06:36.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.486Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-32579 (GCVE-0-2021-32579)

    Vulnerability from cvelistv5 – Published: 2021-08-05 19:04 – Updated: 2024-08-03 23:25
    VLAI
    Summary
    Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T23:25:30.453Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68419"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://kb.acronis.com/content/68413"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-05T19:04:57.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68419"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://kb.acronis.com/content/68413"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-32579",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Acronis True Image prior to 2021 Update 4 for Windows and Acronis True Image prior to 2021 Update 5 for macOS allowed an unauthenticated attacker (who has a local code execution ability) to tamper with the micro-service API."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kb.acronis.com/content/68419",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68419"
                },
                {
                  "name": "https://kb.acronis.com/content/68413",
                  "refsource": "MISC",
                  "url": "https://kb.acronis.com/content/68413"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-32579",
        "datePublished": "2021-08-05T19:04:57.000Z",
        "dateReserved": "2021-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T23:25:30.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }