CVE-2024-34010
published 2024-04-29CVE-2024-34010: Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before…
PriorityP337high8.2CVSS 3.0
AVLACLPRHUINSCCHIHAH
EPSS
0.20%
10.3th percentile
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acronis | acronis_cyber_protect_16 | >= unspecified < 38690 | 38690 |
| acronis | acronis_cyber_protect_cloud_agent | >= unspecified < 37758 | 37758 |
| acronis | acronis_true_image | >= unspecified < 42386 | 42386 |
| acronis | acronis_true_image_oem | >= unspecified < 42575 | 42575 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Acronis Cyber Protect Cloud Agent 36943 unquoted search path
vuldb·2026-04-15·CVSS 8.2
CVE-2024-34010 [HIGH] Acronis Cyber Protect Cloud Agent 36943 unquoted search path
A vulnerability categorized as critical has been discovered in Acronis Cyber Protect Cloud Agent 36943. Affected is an unknown function. Such manipulation leads to unquoted search path.
This vulnerability is uniquely identified as CVE-2024-34010. Local access is required to approach this attack. No exploit exists.
It is advisable to upgrade the affected component.
GHSA
GHSA-8q88-x5q8-wj38: Local privilege escalation due to unquoted search path vulnerability
ghsa_unreviewed·2024-04-29
CVE-2024-34010 [HIGH] CWE-428 GHSA-8q88-x5q8-wj38: Local privilege escalation due to unquoted search path vulnerability
Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-04-29
Published